Slashdot Mirror
Security Flaws In Aussie Net Filter Exposed
Faldo writes "There's a three-part interview with a computer security expert on BanThisURL that goes into the flaws in the Aussie net filtering scheme. In addition to SSH tunnels and proxies, more worrying problems like trojaning the boxes to set up man in the middle attacks (which the interviewee has done in his lab), cross site scripting and the Australian blacklist leaking are all discussed. Worrying and relevant, especially since Thailand's blacklist has just been leaked."
The concept itself is flawed. Centralized filters will never work, and any filtering system is imperfect. The best we can do is have individuals ascribe a reputation to a particular resource and based on trusting others' ratings we can tailor the firehose to our liking.
Anything else is just a way for some fearmongers to stay in office and/or make a quick buck.
...it will only serve to piss off those that can't circumvent the firewall (or unskippable anti-piracy adverts in the case of legit DVDs)
To do something right, you often have to roll up your sleeves and get busy.
that things are unhackable.
"If you code it, it will be hacked!"
The Titanic was an example of what should be called Cockyisms. (The beliefe that one is better or their product is better than it truly is.) in this case, Unsinkable...and we all know how THAT turned out!
DVD encryption, DRM and now Net Censorship...the tighter the grip, the faster they will lose control.
So Jesus, Mohammed and Abraham walk into a Bar....
As long as Microsoft can keep up-to-date with their current security holes, then yes. However, with it taking them weeks to release patches for some of the biggest holes (recent IE flaw) that plan gets shot to shit fast. Even with all the latest patches, any system, be it Windows, your favorite linux distro or OS X, there's always holes waiting to be found and exploited. It's not how well the user is at running system updates, but how well the OS developers respond to critical security flaws.
If stopping 100% of the users from getting indie music is the goal, then it fails. However, if stopping or impeding 50% of indie music perhaps it could be labeled a success? Becaue that's what this is about - stopping the use of a legal and legitimate product to destroy an industry's independant competetion.
The industry isn't afraid of Fergie being downloaded, it's afraid of The Station being downloaded.
Free Martian Whores!
doesn't the govenment publish the blacklist? this isn't like other countries where they just pretend like there is no filtering going on at all.
--
Stay tuned for some shock and awe coming right up after this messages!
While projects like this might hit their modest targets initially, they're totally doomed in the long term.
If 1% of users can get around it with highly technical trickery, it's not going to be long before one of those 1% packages the workaround up into a nice one-click piece of software that everyone can use. Just look at CSS. It only took one DVD-Jon to figure it out and now CSS is effectively useless.
That's why I think lots of people argue that it's either 100% or don't-bother.
If you set the goal very low, like stopping 50% of bad data, but accept blocking 50% of good data as well, then it's almost impossible to fail. simply deleting 50% of traffic would satisfy that goal, and doesn't even need any filtering at all.
Making a filter that stops more bad traffic than good traffic is very difficult, especially when the amount of good traffic is very large.
If a proposal is only going to stop a small proportion, stomps all over civil liberties, could potentially break important protocols, can be circumvented by the technically savvy (which tends to include the very people who the proposal alleges it can stop) and introduces dangerous new security flaws, then I'd say the proposal ought to be rejected.
Let's be clear here. All this plan may do, at the very best, is catch the technically challenged pedophiles. That's a best case scenario, and basically undermining an entire country's Internet access to catch this group is rather like a sniper sitting on an overpass randomly shooting at cars because some of those cars may be driven by drug dealers. Yes, it's true, some small number of drug dealers may actually be killed, but if that's your idea of policing, then we might as well declare everyone guilty, take away their computers and call it a day.
The plan is idiotic, it's proponents are at best naive, and international child abuse won't be dented by it.
The world's burning. Moped Jesus spotted on I50. Details at 11.
The industry isn't afraid of Fergie being downloaded, it's afraid of The Station being downloaded.
They should be. But I don't think the industry, that didn't even see P2P coming, has that much collective intelligence or foresight.
I think what they're really afraid of is a generation of potential consumers who give no thought to the copyright status or label affiliation of an album, who don't care if their downloads are legal or not. They're afraid of a culture which doesn't even consider paying for music. They're afraid that their role as musical gatekeepers will become obsolete. They're afraid that their product will have to compete with all others on a level playing field. And they should be.
... and that's when the C.H.U.D.'s came at me.
So almost exactly like creating a filter to block bit torrent under the pretense of stopping child porn?
Right, because American gun ownership has obviously done wonders for stopping its government from harassing its citizens. Or maybe you'd just rather keep on thinking it has.
It won't stop pedophiles at all. It'll stop those seeking child pornography on the internet, but it won't do crap to stop the actual abuse of children.