Slashdot Mirror


Security Flaws In Aussie Net Filter Exposed

Faldo writes "There's a three-part interview with a computer security expert on BanThisURL that goes into the flaws in the Aussie net filtering scheme. In addition to SSH tunnels and proxies, more worrying problems like trojaning the boxes to set up man in the middle attacks (which the interviewee has done in his lab), cross site scripting and the Australian blacklist leaking are all discussed. Worrying and relevant, especially since Thailand's blacklist has just been leaked."

8 of 182 comments

  1. Poor Design by Anonymous Coward · · Score: 5, Insightful

    The concept itself is flawed. Centralized filters will never work, and any filtering system is imperfect. The best we can do is have individuals ascribe a reputation to a particular resource and based on trusting others' ratings we can tailor the firehose to our liking.

    Anything else is just a way for some fearmongers to stay in office and/or make a quick buck.

    1. Re:Poor Design by Hatta · · Score: 4, Insightful

      "The concept itself is flawed. Centralized filters will never work"

      "Anything else is just a way for some fearmongers to stay in office"

      Sounds to me like it will work just fine then.

      --
      Give me Classic Slashdot or give me death!
  2. Just like DVD piracy... by hack++slash · · Score: 4, Insightful

    ...it will only serve to piss off those that can't circumvent the firewall (or unskippable anti-piracy adverts in the case of legit DVDs)

    --
    To do something right, you often have to roll up your sleeves and get busy.
  3. It is completely ignorant to think... by NoobHunter · · Score: 5, Insightful

    that things are unhackable.

    "If you code it, it will be hacked!"

    The Titanic was an example of what should be called Cockyisms. (The belief that one is better or their product is better than it truly is.) In this case, Unsinkable...and we all know how THAT turned out!

    DVD encryption, DRM and now Net Censorship...the tighter the grip, the faster they will lose control.

    --
    So Jesus, Mohammed and Abraham walk into a Bar....
    1. Re:It is completely ignorant to think... by Volante3192 · · Score: 5, Insightful

      Also, only one suffered from iceberg collision.

  4. why would the list have to "leak"? by Punto · · Score: 4, Insightful

    Doesn't the government publish the blacklist? This isn't like other countries where they just pretend like there is no filtering going on at all.

    --
    Stay tuned for some shock and awe coming right up after this messages!

  5. Re:Depends on the benchmark by MightyMartian · · Score: 4, Insightful

    If a proposal is only going to stop a small proportion, stomps all over civil liberties, could potentially break important protocols, can be circumvented by the technically savvy (which tends to include the very people who the proposal alleges it can stop) and introduces dangerous new security flaws, then I'd say the proposal ought to be rejected.

    Let's be clear here. All this plan may do, at the very best, is catch the technically challenged pedophiles. That's a best case scenario, and basically undermining an entire country's Internet access to catch this group is rather like a sniper sitting on an overpass randomly shooting at cars because some of those cars may be driven by drug dealers. Yes, it's true, some small number of drug dealers may actually be killed, but if that's your idea of policing, then we might as well declare everyone guilty, take away their computers and call it a day.

    The plan is idiotic, its proponents are at best naive, and international child abuse won't be dented by it.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  6. Re:Depends on the benchmark by johnsonav · · Score: 4, Insightful

    The industry isn't afraid of Fergie being downloaded, it's afraid of The Station being downloaded.

    They should be. But I don't think the industry, that didn't even see P2P coming, has that much collective intelligence or foresight.

    I think what they're really afraid of is a generation of potential consumers who give no thought to the copyright status or label affiliation of an album, who don't care if their downloads are legal or not. They're afraid of a culture which doesn't even consider paying for music. They're afraid that their role as musical gatekeepers will become obsolete. They're afraid that their product will have to compete with all others on a level playing field. And they should be.

    --
    ... and that's when the C.H.U.D.'s came at me.