Slashdot Mirror
Ports for Porn - Using Firewalls to Block Porn
vicpylon writes "A Utah businessman and his non-profit organization wants to limit pornography to certain ports in the TCP/IP protocol. He is literally suggesting legislatively restricting porn sites to certain ports, so that the "offensive" content is easier to block. This is not workable on so many levels that it is laughable. International adult sites not subject to US laws, proxy servers, enforcement issues all leap to my tired mind as major flaws in his plan. He is lobbying congress, so do not be surprised to see this discussed by some headline grabbing politico.
"
Port number 69?
"I think it would be a good idea" Gandhi, on Western Civilisation
Unfortunately, what I want to restrict, in general, is the power of the people in charge... Political types just aren't very good at running things for anyone but themselves and their buddies. This is not a (particular) jibe at the Bush administration, just a general observation about the worst suck-ups on this planet, the politicians.
It was a joke! When you give me that look it was a joke.
The TCP port that will be used for it is obviously 69. Actually, this is a great help, as a simple "tcpdump -w pr0n.log 'port 69'" writes all the porn downloaded by your colleagues to a tcpdump file, from which all the video and image files could be extracted later.
A monkey is doing the real work for me.
That if your kids are doing it, a.) you might want to try getting more involved with them so they understand why you think porn is "evil" and b.) they may not actually be hurt by it, but who knows. As for the technological aspect, it is ridiculous, but people don't seem to understand these sort of things when they suggest them. Now whoever opposes it, even if on the basis of saying it won't be plausible, they will be "unpatriotic"!
Hmm - this wingnut used to be the CEO for The Canopy Group and is a major SCO stockholder? Yeah, he'll be the first guy I run to for tech advice....
Please stand clear of the doors, por favor mantenganse alejado de las puertas
Time and time again we see that the courts and politics in general are just flat out not equipped to handle technical issues- then throw in people who don't know much about technology to begin with and you really have a problem.
I don't know if there is a solution but to wait long enough to get a techy judge in the supreme court (and lower courts hopefully), get techy guys in congress, etc.. Some how I don't think we'll live long enough.
It really is obvious, but one of the reasons this wouldn't work is that it would force all porn transports (HTTP, Usenet, FTP, Bittorrent, ...) to listen on the same port number. Yeah, it could probably be done if there's a truly dire need to do so (eg. on corporate firewalls, everything proxies over :80 these days), but it's almost certainly always a bad idea to do.
This idea is doomed for the same reason that the
____
~ |rip/\/\aster /\/\onkey
Porn in other words.
The "business man" in question, Ralph Yarro, is the guy that used to run Canopy group (SCO's largest shareholder) until he was ousted after a battle with the Noorda family over control. Hardly the kind of guy you'd want involved in anything requiring a sliver of ethics...
Then your computer and kids will be safe from p0rn from the Internet
Utah Woman Deletes the Internet! By Tom 7 (Dissociated Press) REDMOND: Millions of frustrated calls rushed into internet service providers this past thursday as "The Information Superhighway" was reported Missing In Action for several days. The Internet Engineering Task Force (IETF) traced the problem to a home in Utah where Doris Packuko resides. She was allegedly found "hysterical and crying", police say. "That much information flowing through the phone lines all at once generates a lot of heat," Doug Wernicke of the IETF told us, "We just followed the smell of burning fiber optics." "Apparently, she just deleted The Internet right off her desktop. Even after being warned, 'are you sure you want to delete The Internet?', she persisted." Experts claim that this is a major problem with The Information Superhighway, perhaps even worse than animal pornography. "The Internet is a great cooperative work, built by millions of people. It is so unfortunate that it can be ruined by just one person. Thank God we were able to save it," commented Packuko's neighbor. The IETF was able to recover most of The Internet by opening up Packuko's Recycle Bin and dragging The Internet back onto the desktop. The rest was restored from the master backup copy kept on Zip Disk in the pentagon. Puckuko claims ignorance was the cause of her act. "I just didn't know. I was trying to clean up my desktop and I deleted it. I ... I just didn't realize."
Microsoft Corporation reports that they are currently working on a bug fix.
Is to implement a special top-level-domain for porn, something like the .xxx domain that was proposed (and rejected IIRC).
That would have almost no technical issues and be just as easy to block as this braindead proposal.
Everyone okay with that?
Blearf. Blearf, I say.
So to sum it up: A Utah businessman nobody cares about plans on asking politicians to implement an unworkable idea. This wouldn't make page 9 of a high-school newspaper, what's it doing on Slashdot?
Slashdot: providing anti-social weirdos a soapbox, since 1997.
The first problem: What's porn? The second problem: Who decides what's porn? The third problem: Who enforces it?
If someone says he and his monkey have nothing to hide, they almost certainly do.
There are only 61538 ports. That's barely enough to categorise my personal fetishes, let alone everyone else's. Where on earth are we going to leave all the other content?
.."port knocking" and "port sniffing".
International adult sites not subject to US laws
True, but just getting US-generated and US-hosted porn under control, as well as porn passing through US-owned ISPs, would account for quite a lot of sites, and an awful lot of the sites that tend to pop up in Google. America is regularly cited as one of the obstacles to dealing with Internet porn - if it took any steps, however technically incompetent, to address the issue, it would make an enormous difference.
I realise that restricting access to porn may not be a subject dear to the heart of all /.ers, but I have the impression that most of the rest of this thread is going to boil down to "no-one can do a thing about porn, la la la la I can't hear you", when the reality is that a lot of people around the world would like to see the present situation changed, and, one way or another, sooner or later, that will result in legislation. And if a solution is finally imposed, it may well turn out to be as draconian as the French government's anti-nazi legislation, which has been successfully imposed on Yahoo.
Virtually serving coffee
I particularly love the notion that they have that, by sequestering porn off to its own ports, they'll manage to avoid the risk of infringement of First Amendment rights that has come with things like the CDA. But I guess they really aren't thinking about WHO will decide what is and isn't porn, are they? :)
For your security, this post has been encrypted with ROT-13, twice.
At least it's not a dupe... yet.
There is currently a petition being driven by my local MP to try and ban 'violent pornographic websites' see BBC http://news.bbc.co.uk/1/hi/england/4460828.stm[BBC News]. Whilst not directly related to this article it is an example of the general public thinking that something can actually be done about these things!
Whilst I have a lot of sympathy for Liz Longhurst who has lost her daughter I do wish that my MP and other MPs would spend 30mins talking to some IT guys to discover that this is an impossible task. Currently they must be wasting lots of time at the taxpayer's expense.
If anyone else in the UK feels the same as me then please use the http://www.writetothem.com/ Write-to-them website to get a message to your MP!
If you want to make the web safe for impressionable people, then create a .kids domain that is heavily censored (expensive to register a subdomain, money goes to policing it) and only allow children who are likely to be traumatised by seeing sex / violence / social commentary / intelligent conversation / whatever to browse that, at their parents discression.
Feel free to moderate this redundant, since exactly the same point was raised in all of the articles about the .xxx domain.
I am TheRaven on Soylent News
The xxx tld was a better idea. Is the urban legend that it was struck down by the US conservative Christian right correct, or Slashdot propoganda? Even if this were possible, it would probably don the same fate.
What a boon if done. Think about it! Law enforcement would only have to monitor one port for specific traffic. If you were caught off port then you are already breaking the laws. Not only would companies be able to filter, but ISP's would be able to charge extra for Porn Ports. YOu want this access to this content and wham! it's an extra $19.95. Don't believe it? What about comcastic locking down port 25? NNTP dying on the vine just add Porn Ports? Are we going to need specific Porn Browsers? AOL will be able to charge extra for adult access. This has all the novelty of another idealogues attempt to protect the wayward from themselves.
--- Location Unknown
Something about other governments wanting to impose censorship on the net?
Oh, you meant evil censorship of things the US government approves of rather than good censorship of things it disapproves of....
From TFA: "we are all hard-core technology businessmen".
How appropriate.
"If you think the problem is bad now, just wait until we've solved it." --- Arthur Kasspe
you even did not see the dept. this article comes from ("the i-can't-define-pr0n-but-i-know-it-when-i-see-it dept.") There IS NO Porn. A breast cancer site shows women (some of them beautiful) touching and massaging their own boobs. Is a Victoria's Secret catalog porn? To prohibit something, you should be able to define it first.
One absurd example: my son, one year and a half ago (he was four) took all his clothes by the pool; my wife snapped a picture of him as he had done so. Some jurisdictions consider possessing a picture of a nude 4yo as child porn, with some stiff criminal penalties. Does this seem reasonable to you?
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
The controlling interest in Utah will not be happy and will not stop until the State is blocked off with something like the Great Firewall of China. Look at who owns the newspaper in question. The Internet and it's ability to encourage people to be challenged by new ideas is not compatible with their interests. While the call is to stop "porn" now, we all know it's the first step down a slippery path.
Personally I think Zappa gives the best advice here:
"I hate to advocate drugs, alcohol, violence or insanity but they've always worked for me" - HST
It's not just porn that needs filtering. Ever do research on Google and have to wade through tons of irrelelivant hits? I honestly think Google could improve searching and help people self select content in one stroke. A quick metatag, or equivalent, that encodes subject type and maturity level would be happily picked up by web designers ... if it helps drive traffic. And it could. If Google had an option that let you say "I want to limit to X" then those people who are promoting "X" will be highly motivated to include that tag on their page. The tag couldn't be used for multiple subjects, or it would act as a key word search again. But if I could say "I'm looking for an ACADEMIC ABSTRACT" then I won't find porn, commerical sites, or little Susy's musings. I'll find abstracts. On the flip side, a browser filter that people can self select to avoid certain types of content based on the tags isn't censorship. It's personal choice.
The world is made by those who show up for the job.
(BTW, I'm joking)
_______
2B1ASK1
Because except for them, I can't really see how you can get from anywhere on disney.com to a porn site in a single click.
I just read through CP80's "technical briefing" which I'd strongly recommend /. readers review (it's located at: http://www.cp80.org/solutions/ ). Treating the matter seriously (which isn't easy), there are a few observations:
/is/ a potential solution that addresses the unlikely mandatory compliance aspect and approaches the content filtering on an optional basis (usable for those that wish to integrate it) and I'll post and draft it out this morning so there's evidence of prior art (we know how the SCOG folks have a difficult time understanding how intellectual property works). I'd be willing to push it further into a public commons patent application e.g. under ODSL's patent commons (just so CP80 doesn't make the same mistake SCOG did by thinking they owned other people's IP and get congressional support behind misappropriated property).
Viability: CP80 isn't. When you misunderstand the very basics of the subject material from the start (such as this nonsense: "Ports & Protocols = Internet Channels")a few minutes with RFC 1700 would be a good start for CP80's technical advisors, if they have any). Consider the following CP80 quote:
There are over 65,000 Internet channels available on the Internet today. These channels are already used to categorize content and services.
No they're not. They're used to correspond to applications that operate at a known port. This is much lower in the OSI model, where content filtering typically requires application awareness (OSI layer 7).
ISP Administration: CP80 wants ISPs to offer you channels (as if the believe ISPs create the content, which you'd have to do in order to control the content at the appropriate layers), presumably 80 & 443 for "clean content", perhaps 81/444 for rated PG (sorry hosts2 nameserver and snpp), 82/446 for R and 83/447 for X (working around microsoft-ds at 445 for the moment). Should we go down this path, this probably will be the necessary incentive for providers to move residential broadband completely to an opt-in protocol/port model and quit blocking ports. We'll just enable the few basics - your "web channels" (ugh), a mail channel that only goes to us and perhaps a couple of others necessary for audio/video streaming and such. We'll push all through proxies to make sure you're not tunneling something other than the desired protocol (and still, there will be ways around this). It's a radical departure at significant expense and unfortunately doesn't quite work (as most things that ignore Internet architecture do). Coordination between all ISPs, NSPs, OS and software vendors, standards bodies and content providers would be rather necessary and mandatory.
There
An effective approach is to use a shim protocol, similar to how MPLS is implemented (and wedged), that would insert a content header immediately ahead of the IP datagram. The datagram would specify content settings and either be processed by equipment (CPE, firewalls, routers, PCs, etc.) that are Content-Shim aware or ignored by those that aren't. Service providers could implement it and push administration of the filtering to the end-user (though this assumes content providers are using the shim protocol as well as they push out traffic). Done at this level, it is independent of port management issues and other unworkable nonsense.
Contact me if you'd like to work on a content shim on sourceforge with the prototype code under GPL and intellectual property donated to ODSL patent commons.
*scoove*
(scoove-at-yahoo.com)
I'm currently getting ready to set up a squid proxy/content filter for a local boys and girls club. The lab has 30-40 kids ranging from 6-10 years old with only one instructer... huge liability. The thing that strikes me as wierd is that the internet is full of FREE porn, but good porn blacklists cost big bucks (well for a small town boys&girls club anyway). Most offer "grey lists" and age appropriate lists. If these politicians really want to help they would hire a good blacklisting company to provide these lists for free. Then there would be no major change in the internet and people who need to do some filtering (like childrens charities) could choose to use the filtering. dan