Slashdot Mirror
Ports for Porn - Using Firewalls to Block Porn
vicpylon writes "A Utah businessman and his non-profit organization wants to limit pornography to certain ports in the TCP/IP protocol. He is literally suggesting legislatively restricting porn sites to certain ports, so that the "offensive" content is easier to block. This is not workable on so many levels that it is laughable. International adult sites not subject to US laws, proxy servers, enforcement issues all leap to my tired mind as major flaws in his plan. He is lobbying congress, so do not be surprised to see this discussed by some headline grabbing politico.
"
Port number 69?
"I think it would be a good idea" Gandhi, on Western Civilisation
Unfortunately, what I want to restrict, in general, is the power of the people in charge... Political types just aren't very good at running things for anyone but themselves and their buddies. This is not a (particular) jibe at the Bush administration, just a general observation about the worst suck-ups on this planet, the politicians.
It was a joke! When you give me that look it was a joke.
The TCP port that will be used for it is obviously 69. Actually, this is a great help, as a simple "tcpdump -w pr0n.log 'port 69'" writes all the porn downloaded by your colleagues to a tcpdump file, from which all the video and image files could be extracted later.
A monkey is doing the real work for me.
That if your kids are doing it, a.) you might want to try getting more involved with them so they understand why you think porn is "evil" and b.) they may not actually be hurt by it, but who knows. As for the technological aspect, it is ridiculous, but people don't seem to understand these sort of things when they suggest them. Now whoever opposes it, even if on the basis of saying it won't be plausible, they will be "unpatriotic"!
Hmm - this wingnut used to be the CEO for The Canopy Group and is a major SCO stockholder? Yeah, he'll be the first guy I run to for tech advice....
Please stand clear of the doors, por favor mantenganse alejado de las puertas
Time and time again we see that the courts and politics in general are just flat out not equipped to handle technical issues- then throw in people who don't know much about technology to begin with and you really have a problem.
I don't know if there is a solution but to wait long enough to get a techy judge in the supreme court (and lower courts hopefully), get techy guys in congress, etc.. Some how I don't think we'll live long enough.
It really is obvious, but one of the reasons this wouldn't work is that it would force all porn transports (HTTP, Usenet, FTP, Bittorrent, ...) to listen on the same port number. Yeah, it could probably be done if there's a truly dire need to do so (eg. on corporate firewalls, everything proxies over :80 these days), but it's almost certainly always a bad idea to do.
This idea is doomed for the same reason that the
____
~ |rip/\/\aster /\/\onkey
Porn in other words.
The "business man" in question, Ralph Yarro, is the guy that used to run Canopy group (SCO's largest shareholder) until he was ousted after a battle with the Noorda family over control. Hardly the kind of guy you'd want involved in anything requiring a sliver of ethics...
Then your computer and kids will be safe from p0rn from the Internet
Can we have a topic called "Yes its news, but its only flamebait on Utah republicans, so we're not going to post it, because it lacks any technical merit, and even the most ignorant of Slashdot readers could hack around these restrictions within seconds"?
C'mon, do we REALLY need to see this on the front page? Is the next article going to be "Sometimes audio CDs have data on them too!" or "Government wishes it could read everyone's email" ?
I'd like to see Slashdot rise up to the "technical news that matters to technical people" instead of "Its on Yahoo! News and its about the Intarweb so we post it"
I want to delete my account but Slashdot doesn't allow it.
Utah Woman Deletes the Internet! By Tom 7 (Dissociated Press) REDMOND: Millions of frustrated calls rushed into internet service providers this past thursday as "The Information Superhighway" was reported Missing In Action for several days. The Internet Engineering Task Force (IETF) traced the problem to a home in Utah where Doris Packuko resides. She was allegedly found "hysterical and crying", police say. "That much information flowing through the phone lines all at once generates a lot of heat," Doug Wernicke of the IETF told us, "We just followed the smell of burning fiber optics." "Apparently, she just deleted The Internet right off her desktop. Even after being warned, 'are you sure you want to delete The Internet?', she persisted." Experts claim that this is a major problem with The Information Superhighway, perhaps even worse than animal pornography. "The Internet is a great cooperative work, built by millions of people. It is so unfortunate that it can be ruined by just one person. Thank God we were able to save it," commented Packuko's neighbor. The IETF was able to recover most of The Internet by opening up Packuko's Recycle Bin and dragging The Internet back onto the desktop. The rest was restored from the master backup copy kept on Zip Disk in the pentagon. Puckuko claims ignorance was the cause of her act. "I just didn't know. I was trying to clean up my desktop and I deleted it. I ... I just didn't realize."
Microsoft Corporation reports that they are currently working on a bug fix.
Is to implement a special top-level-domain for porn, something like the .xxx domain that was proposed (and rejected IIRC).
That would have almost no technical issues and be just as easy to block as this braindead proposal.
Everyone okay with that?
Blearf. Blearf, I say.
So to sum it up: A Utah businessman nobody cares about plans on asking politicians to implement an unworkable idea. This wouldn't make page 9 of a high-school newspaper, what's it doing on Slashdot?
Slashdot: providing anti-social weirdos a soapbox, since 1997.
The first problem: What's porn? The second problem: Who decides what's porn? The third problem: Who enforces it?
If someone says he and his monkey have nothing to hide, they almost certainly do.
There are only 61538 ports. That's barely enough to categorise my personal fetishes, let alone everyone else's. Where on earth are we going to leave all the other content?
.."port knocking" and "port sniffing".
International adult sites not subject to US laws
True, but just getting US-generated and US-hosted porn under control, as well as porn passing through US-owned ISPs, would account for quite a lot of sites, and an awful lot of the sites that tend to pop up in Google. America is regularly cited as one of the obstacles to dealing with Internet porn - if it took any steps, however technically incompetent, to address the issue, it would make an enormous difference.
I realise that restricting access to porn may not be a subject dear to the heart of all /.ers, but I have the impression that most of the rest of this thread is going to boil down to "no-one can do a thing about porn, la la la la I can't hear you", when the reality is that a lot of people around the world would like to see the present situation changed, and, one way or another, sooner or later, that will result in legislation. And if a solution is finally imposed, it may well turn out to be as draconian as the French government's anti-nazi legislation, which has been successfully imposed on Yahoo.
Virtually serving coffee
I particularly love the notion that they have that, by sequestering porn off to its own ports, they'll manage to avoid the risk of infringement of First Amendment rights that has come with things like the CDA. But I guess they really aren't thinking about WHO will decide what is and isn't porn, are they? :)
For your security, this post has been encrypted with ROT-13, twice.
There is currently a petition being driven by my local MP to try and ban 'violent pornographic websites' see BBC http://news.bbc.co.uk/1/hi/england/4460828.stm[BBC News]. Whilst not directly related to this article it is an example of the general public thinking that something can actually be done about these things!
Whilst I have a lot of sympathy for Liz Longhurst who has lost her daughter I do wish that my MP and other MPs would spend 30mins talking to some IT guys to discover that this is an impossible task. Currently they must be wasting lots of time at the taxpayer's expense.
If anyone else in the UK feels the same as me then please use the http://www.writetothem.com/ Write-to-them website to get a message to your MP!
If you want to make the web safe for impressionable people, then create a .kids domain that is heavily censored (expensive to register a subdomain, money goes to policing it) and only allow children who are likely to be traumatised by seeing sex / violence / social commentary / intelligent conversation / whatever to browse that, at their parents discression.
Feel free to moderate this redundant, since exactly the same point was raised in all of the articles about the .xxx domain.
I am TheRaven on Soylent News
Just 3 bright comments:
1. Wouldn't it be easier to establish a kid-friendly port (i.e. a sandbox port) - concerned parents and other censors can them simply block everthing else.
2. What is porn? A picture of a woman in a bikini might constitute porn in a Muslim country like Saudi Arabia, in a liberal European country the definition might be different.
3. Privacy issues - if porn is transmitted thro the porn port all users of that port might be labelled as porn fiends.
M
SCNR this one, so don't mod me down for not knowing that RFC3514 is an april fools day joke.
The xxx tld was a better idea. Is the urban legend that it was struck down by the US conservative Christian right correct, or Slashdot propoganda? Even if this were possible, it would probably don the same fate.
What a boon if done. Think about it! Law enforcement would only have to monitor one port for specific traffic. If you were caught off port then you are already breaking the laws. Not only would companies be able to filter, but ISP's would be able to charge extra for Porn Ports. YOu want this access to this content and wham! it's an extra $19.95. Don't believe it? What about comcastic locking down port 25? NNTP dying on the vine just add Porn Ports? Are we going to need specific Porn Browsers? AOL will be able to charge extra for adult access. This has all the novelty of another idealogues attempt to protect the wayward from themselves.
--- Location Unknown
There is currently a petition being driven by my local MP to try and ban 'violent pornographic websites'
To be fair, this one is only about attempting to extend the laws which cover possession of child pornography to violent porn (rape, mutilation, etc). She's not trying to ban porn websites, just the (currently legal) possession of their materials within the United Kingdom. Yes, I think it's unworkable, but it's not an entirely incoherent approach. Yarro's proposal is just plain crazy. He could even make it less crazy by saying "Right, all web sites in the United States should have to be registered with the (Local/State/Federal government) Department of Naughty Pictures which will then determine whether the site can offer service on port 80, or should be on port 6969." And failure to register a website constitutes an offence.
Yes, it's still stupid; yes, it can be trivially circumvented; and yes, it doesn't address non-HTTP protocols. But at least it's a coherent argument. The tiny, tiny flaw is that it would be struck down by the courts before you could mention the words "prior restraint". I'm fairly sure that the US Congress is prohibited from restricting freedom of spech - something about the first amendment to their contraception, or convolution - some word like that, anyway.
--NgWhile I understand many /.'ers don't believe there is anything wrong with pornography, and don't flame me for having my own opinion, I do. That said, I also believe that there are enough people out there who also believe it's not right or at least want to protect there kids from it. So we should accomodate them.
.XXX, it would make blocking incredibly easy...and probably put all "Net Nanny" type companies out of business....for better or worse. The problem is who is going to force porn sites to be restricted to .XXX?
Yes, routing porn images and text through specific ports is a joke. That would take such a major reworking of our present systems that it's not even funny. But what about TLD's? I have long thought that if all porn sites (and yes, "porn" can be defined) were hosted from sites with a TLD of
Oh, and if the people who WANT porn have a problem with this, why complain? It makes it easier for you to find it. Just google site:.xxx
Something about other governments wanting to impose censorship on the net?
Oh, you meant evil censorship of things the US government approves of rather than good censorship of things it disapproves of....
From TFA: "we are all hard-core technology businessmen".
How appropriate.
"If you think the problem is bad now, just wait until we've solved it." --- Arthur Kasspe
you even did not see the dept. this article comes from ("the i-can't-define-pr0n-but-i-know-it-when-i-see-it dept.") There IS NO Porn. A breast cancer site shows women (some of them beautiful) touching and massaging their own boobs. Is a Victoria's Secret catalog porn? To prohibit something, you should be able to define it first.
One absurd example: my son, one year and a half ago (he was four) took all his clothes by the pool; my wife snapped a picture of him as he had done so. Some jurisdictions consider possessing a picture of a nude 4yo as child porn, with some stiff criminal penalties. Does this seem reasonable to you?
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
Just who is this guy going to get to do this? I'm not volunteering... Leave the p0rn alone. Most of it is harmless. Expend the energy going after child pornographers; that's a fight I'll sign up for.
GetOuttaMySpace - The Anti-Social Network
The controlling interest in Utah will not be happy and will not stop until the State is blocked off with something like the Great Firewall of China. Look at who owns the newspaper in question. The Internet and it's ability to encourage people to be challenged by new ideas is not compatible with their interests. While the call is to stop "porn" now, we all know it's the first step down a slippery path.
Personally I think Zappa gives the best advice here:
"I hate to advocate drugs, alcohol, violence or insanity but they've always worked for me" - HST
Hey, I'm really pissed
They are fu**ing with the only source for an slashdotter to know what the world fu** really means
Sounds like you just reinvented the evil bit!
Why a port?
Here is my idea, require a <porn> or <adult> tag on all sites that contain porn or are intended for an adult audience.
We could also implement a <safe=040382672178283940405> code for all sites that are safe for children... which only major sites would bother registering for... this would let parents lock down their computers. You can either now allow porn or only allow approved sites...
Good idea? I think requiring a different port would only lead to mass censorship.
It's not just porn that needs filtering. Ever do research on Google and have to wade through tons of irrelelivant hits? I honestly think Google could improve searching and help people self select content in one stroke. A quick metatag, or equivalent, that encodes subject type and maturity level would be happily picked up by web designers ... if it helps drive traffic. And it could. If Google had an option that let you say "I want to limit to X" then those people who are promoting "X" will be highly motivated to include that tag on their page. The tag couldn't be used for multiple subjects, or it would act as a key word search again. But if I could say "I'm looking for an ACADEMIC ABSTRACT" then I won't find porn, commerical sites, or little Susy's musings. I'll find abstracts. On the flip side, a browser filter that people can self select to avoid certain types of content based on the tags isn't censorship. It's personal choice.
The world is made by those who show up for the job.
(BTW, I'm joking)
_______
2B1ASK1
Parents would decide to either have a child friendly IP addresss or not.
My children have already informed me that they've made lots of new friends on the internet. I'm glad that I unblocked 6667. One of them even offered to buy her a very special wardrobe, if she'd install a webcam.
Because except for them, I can't really see how you can get from anywhere on disney.com to a porn site in a single click.
> If you want to make the web safe for impressionable .kids domain that is heavily
> people, then create a
> censored (expensive to register a subdomain, money
> goes to policing it) and only allow children who
> are likely to be traumatised by seeing sex / violence
> / social commentary / intelligent conversation /
> whatever to browse that, at their parents discression.
The funny part of this is that most of the "children" who
seem to be traumatised by sex/violence/etc seem to be OVER
the age of 18. Go figure.
I just read through CP80's "technical briefing" which I'd strongly recommend /. readers review (it's located at: http://www.cp80.org/solutions/ ). Treating the matter seriously (which isn't easy), there are a few observations:
/is/ a potential solution that addresses the unlikely mandatory compliance aspect and approaches the content filtering on an optional basis (usable for those that wish to integrate it) and I'll post and draft it out this morning so there's evidence of prior art (we know how the SCOG folks have a difficult time understanding how intellectual property works). I'd be willing to push it further into a public commons patent application e.g. under ODSL's patent commons (just so CP80 doesn't make the same mistake SCOG did by thinking they owned other people's IP and get congressional support behind misappropriated property).
Viability: CP80 isn't. When you misunderstand the very basics of the subject material from the start (such as this nonsense: "Ports & Protocols = Internet Channels")a few minutes with RFC 1700 would be a good start for CP80's technical advisors, if they have any). Consider the following CP80 quote:
There are over 65,000 Internet channels available on the Internet today. These channels are already used to categorize content and services.
No they're not. They're used to correspond to applications that operate at a known port. This is much lower in the OSI model, where content filtering typically requires application awareness (OSI layer 7).
ISP Administration: CP80 wants ISPs to offer you channels (as if the believe ISPs create the content, which you'd have to do in order to control the content at the appropriate layers), presumably 80 & 443 for "clean content", perhaps 81/444 for rated PG (sorry hosts2 nameserver and snpp), 82/446 for R and 83/447 for X (working around microsoft-ds at 445 for the moment). Should we go down this path, this probably will be the necessary incentive for providers to move residential broadband completely to an opt-in protocol/port model and quit blocking ports. We'll just enable the few basics - your "web channels" (ugh), a mail channel that only goes to us and perhaps a couple of others necessary for audio/video streaming and such. We'll push all through proxies to make sure you're not tunneling something other than the desired protocol (and still, there will be ways around this). It's a radical departure at significant expense and unfortunately doesn't quite work (as most things that ignore Internet architecture do). Coordination between all ISPs, NSPs, OS and software vendors, standards bodies and content providers would be rather necessary and mandatory.
There
An effective approach is to use a shim protocol, similar to how MPLS is implemented (and wedged), that would insert a content header immediately ahead of the IP datagram. The datagram would specify content settings and either be processed by equipment (CPE, firewalls, routers, PCs, etc.) that are Content-Shim aware or ignored by those that aren't. Service providers could implement it and push administration of the filtering to the end-user (though this assumes content providers are using the shim protocol as well as they push out traffic). Done at this level, it is independent of port management issues and other unworkable nonsense.
Contact me if you'd like to work on a content shim on sourceforge with the prototype code under GPL and intellectual property donated to ODSL patent commons.
*scoove*
(scoove-at-yahoo.com)
instead of a port, howbout a domain? it'd be super-easy to block adult content if all of it existed on .xxx domains.
then again, little horny hackers could memorize some IPs and bypass DNS.
In Lorain, OH, the library had computers with internet access set aside for kids and only kids (under the age of 12, I believe, and I think they changed it to under 9). They also only had chairs in that area that were comfortable only for small children.
They also had and have a disclaimer that they would not be stand-ins for parents.
Talks with the staff demonstrated that they were unaware that:
1. Children of such an age should not be unaccompanied by adults.
2. Most children of that age cannot read and lack other skills necessary for the utilization of a computer.
3. To the extent that some of the children are school age, they are required by law to be in school for a specified time several times out of the year, during which they cannot use the library computers set aside for them.
4. While adults generally have to have jobs, their job options are flexible enough that a good number of them can be into the library during the time that children of school age have to be in school.
5. People are children of the ages that they have computers set aside for, for a relatively short time of their lives, so the number of patrons that are not in that category vastly outnumber those that are.
On the basis of these facts, I tried to explain to them that dedicating those computers for the use of children was an extremely inefficient use of resources, but they would not hear me out.
They do not appear to have material regarding their computer allocation and policy regarding chld only computers online, so it's hard to speak definitively, but the whole point is to illustrate how those who try to make decistions with kids in mind may have no idea what a kid is, nor remember their own childhood well.
If you think porn scars a kid... wait until he gets a girlfriend.
~Ben
Right?
You know the kind with the hansom young Nazi officer on all fours with a leash around his balls being held by a burly black man saying, "So, what were you a saying about being part of the master race?"
que the porn music
that's still ok right?
"You can see I know very little about pimp policy." George McGovern.
I'm currently getting ready to set up a squid proxy/content filter for a local boys and girls club. The lab has 30-40 kids ranging from 6-10 years old with only one instructer... huge liability. The thing that strikes me as wierd is that the internet is full of FREE porn, but good porn blacklists cost big bucks (well for a small town boys&girls club anyway). Most offer "grey lists" and age appropriate lists. If these politicians really want to help they would hire a good blacklisting company to provide these lists for free. Then there would be no major change in the internet and people who need to do some filtering (like childrens charities) could choose to use the filtering. dan
I really don't want my kids to be exposed to religious preaching without my being there to explain the lack of objective fact that underlies it, as well as the various brands of greed, hypocracy, and political control that are being excercised, subtly or otherwise.
Currently, I manage this by ensuring that I am there when they surf. I am perfectly ready to admit this is more difficult than having someone lock all religious material away from their eyes. That, however, does not (in my opinion) so much solve a problem as it does cause one: Now they know nothing about it, and they're going to be curious, and probably chase it down when I am not around. Still, I'd have more free time, and that has value, even if gained at the expense of my children's ability to deal with reality.
So: If you want porn put on a particular port, I want religion put on its own port as well.
Now, if you don't like that: Why exactly should your failure to monitor your children's activities on the Internet have priority over my failure to do so?
On the other hand, If you do like that: exactly how many things offensive to some segment of the population shall we lock away on specific ports so it is "easy" for parents to opt out? There are millions of issues, and only 65536 ports. So there's a practical issue as well as an administrative one.
Finally, why is software like "Net Nanny" not a reasonable answer if you want to censor your child's network experience? Why is ghettoizing better?
I've fallen off your lawn, and I can't get up.