Slashdot Mirror
5 Concerns About Australia's New Net Filter
daria42 writes "As you might have heard, this month Australia gets a new Internet filter, using Interpol's blacklist of 'worst of the worst' child pornography sites. In general, it seems like most people don't object to the idea in principle, but concerns are being raised around the transparency of the scheme, which so far has no civilian oversight, unclear backing legislation and an appeals process which does not exactly inspire confidence. Why is it those who want to implement this kind of filtering never quite address these sort of concerns up-front?"
They're not network engineers. They just don't get it.
Have you heard most laypeople give theories on how computers and the internet work? They assume it's all magic, which probably explains why things like transparency and oversight end up being an afterthought.
Viable Slashdot alternatives: https://pipedot.org/ and http://soylentnews.org/
Because by flying the "We are protecting the children" flag they can be immune it criticism. Anyone who opposes is a supported of child porn.
Just like any one who opposes the massive privacy breaches in the USA is in support of the terrorists.
"Maybe this world is another planet's hell"
Aldous Huxley
Why aren't the authorities using their resources to actually find, arrest, and confine the people who actually produce child pornography?
The whole point is to prevent free information flow so that directed information (aka propaganda) can be supplied. Any filter-list that can be scrutinized would fail to allow such use.
He who controls the flow of information controls the world...
If they want this kind of authority over the internet, they need to create a good frame work that will open the process up to the public.
Why can there not be a public list of blocked websites? And how hard is it to set up some sort of oversight that allows for an appeals process for wrongfully blocked addresses?
I know the answer is most likely "because they don't care" but still, have they even tried to come up with a reason for these shortcomings? Or is it pretty much just going to be one of those "well, if you're against this you must be for child porn, because we live in a world that has no gray area whatsoever" that is so typical in cases like these?
At least Interpol is a police organisation. Here in the UK we already have a completely unaccountable charity organisation with no government oversight that decides what to block - complete with frequent false positives, like the well-publicised Wikipedia blacklisting.
They do not address the issues of oversight and transparency because they want neither. They are using the horrifying crime of child sexual abuse as a shield to deflect objections to censorship, and it has worked. Governments the world over want more oversight and control over what their citizens do. In some cases (China) they simply implement that control to their heart's content. In others, like the USA, I am sure our own government will be watching how the public reacts intently - with an eye towards similar measures here at home.
Because by flying the "We are protecting the children" flag they can be immune it criticism. Anyone who opposes is a supported of child porn. .
So, if one is able to access the child porn with this filter in place, can they sue? This filter is supposed to protect people and if one were able to access this material for whatever reason, then that means the filter failed and I have been injured by seeing that material due to their negligence and I should be able to sue the Government on the grounds that they have explicitly stated that they are protecting me. Yes?
Trust me - lots of us oppose this on principle. However, there is a massive amount of fatigue regarding this issue - every objection raised to it is either ignored or labelled as "supporting child porn".
As a result, the only way we can see to oppose it is on technical and transparency grounds. It's still being ignored, but at least we're on unassailable technical footing here - the filter is useless for its stated purpose (preventing people inadvertantly finding CP) and is trivial to bypass in any case (as admitted by Optus). And because the blocklist is private, it could be easily expanded to cover anything (for those people not technically-minded or politically-minded enough to change their DNS settings).
I chose my ISP (Internode) for several reasons - one of which being Simon Hackett's oft-stated position that they will not filter anything unless required by law.
Here's the interpol stop page.
I can't seem to find the blacklisted domains on Telstra and Interpol's sites. Is my google-fu too weak or is the list kept secret?
If it's latter, how am I supposed check whether my site hasn't accidentally ended on the blacklist? Use an Australian proxy?
I found it deeply ironic that the list of censored sites is itself censored.
Summary slightly inaccurate, this is Telstra/Optus and a few smaller operations (who already offered filtering) who are enabling voluntary filtering. There are plenty of ISPs refusing to implement the filter until it becomes legislation and will fight it with everything they can before then. This will do nothing but make many more customers go to the smaller operators who have better customer service, better pricing etc.
The other stupid part of this is that it is DNS based and the work around is to use different DNS servers. Who actually uses their ISPs DNS servers? I haven't in years!
# cat
Damn, my RAM is full of cats. MEOW!!
if the sites are so bad why not go after the site directly instead? too easy?
guess trying to fix the problem not abuse it for something else is a good opportunity going to waste
The government is there to protect you, whether you want it or not.
I want to delete my account but Slashdot doesn't allow it.
Because the point of modern legislation is to make it so ambiguous that as many people as possible who aren't yet paying you are in constant fear of criminal prosecution.
Arrogance might be a factor. Here in Finland the ministers responsible never really even wanted public interest groups like Electronic Frontier Finland to participate in any discussions regarding laws like internet filtering or the infamous Lex Nokia that gave companies rights to monitor their employees' message traffic headers. In Finland all this culminated in a local Internet activist who publicly criticized shortcomings in the preparations of internet filtering getting filtered, labelled a paedophile and punished. This in turn led to a court case that ended in a decision that the police had greatly abused the rights given to them.
In Finland, the ministers seem to get more and more convinced that they don't need to listen to the citizens; that's when they're not completely bought or led like the minister responsible for our new, stricter, iPRED compatible copyright law...
I don't understand the need to "block" child porn sites. If Interpol knows about them why aren't police officers or special forces actually going after the host? If every government in the world is seriously opposed to child porn surely this would happen and if there are governments who aren't opposed they need to be educated. Seriously stop blocking them just eradicate them?
I have been wondering for so long I have given up hope of ever knowing !!
The only ISPs to have signed up to the filter so far are the 2 big boys (Telstra and Optus).
A number of big ISPs (including the #3 provider iiNet as well as Internode and TPG) have specifically said they will not filter anything unless they are legally required to do so.
Anyone smart enough to care about the Internet filter should be smart enough to know that Tel$tra and Optarse are junk and should be avoided if alternatives are available (if you can get DSL from BigPond or Optus, you can also get DSL from better options like Internode, iiNet and others)
The censorship that is going on here in Australia would never work in America. Here in Australia we have a consistent history of censoring all forms of media. Our constitution is partially based on the US one but it only protects "political" speech, so we have always followed the British model of comprehensive censorship of non-political subjects.
Any kind of industry agreement in the US, which couldn't be "assisted" by the government like it is here in Australia, would last until one ISP figured they could make more money selling unfiltered access.
========
CINC, 4th Penguin Legion
Opponents of this can't easily beat the media vibe it'll get. So the solution, I think, is to make it a felony to falsely block a site. Do it one better, make it so that no actual intent is required. If a government official even mistypes the domain name, they do a few years in prison. Absolutely not a single ounce of leniency for even the slightest human error.
When asked why being so harsh, just smile and say how important the filter is. Spin it as a way of assuring the public that the list really will be accurate and trustworthy, not a tool for anything more than the "obvious, legitimate need to block child pornography."
What child pornography? They keep talking about these sites but where are they? On occasion you come across a few pics that clearly skirts the line, but I figure those are just setup-ups by cops looking to bust people.
Could it be that most of the so called child-porn sites are black-ops to make an excuse for censorship?
If the politicians really cared, they'd leave the websites be so they could be used to track the material back to the perpetrators!
This is Interpol we're talking about, and the worst of the worst. And they've got a list of domain names they know to be serving this stuff up.
Why on Earth are they blocking access to these domains rather than busting down the doors of the sites where the servers are located?
I mean, really. It's Interpol. It's child porn. And the best tool they can think of is to set up a DNS filter?
What gives?
Cheers,
b&
All but God can prove this sentence true.
Basic logic here. If you take all adult porn down from the internet then magazine sales would go up. If you block all child porn then where would all those pedophiles go besides parks, book stores and schools.
Anyone who is against this filter needs to see the long game. This filter is great for the following reasons:
1) It is a CP filter. Any argument in future for a government backed filter because "think of teh children!" can be defused by pointing out we already have a voluntary industry filter. This is why the US movie industry has a self-regulated rating system.
2) It is trivial to get around. Even my mum could follow directions to circumvent this filter. It isn't going to cause traffic slowdowns or require expensive VPN's to foreign countries to get around.
3) There is no issue about the list being secret because anyone who tries to visit a blocked website will get a redirect telling them that it is on the block list. If this website is innocuous this information can be spread via social media and the like and used to harass the ISP's into unfiltering it. Corporations are a lot more responsive to public complaint then government departments.
4) The law IS unclear. This is great, as it means the authorities have no real ability to force ISP's to comply with this "industry" filtering agreement. Which means they can't just block new categories of content on a whim, or increase the sophistication of the filter.
In summary people against censorship should be for this filter because it is such a house of cards AND defuses the main argument the pro-censorship people use "do you want people to be able to view child porn?". Things will go to shit if the government is actually allowed to get really involved, because both main parties here have shown no fear of incredible infringements of civil rights (here in NSW we only just got our right of association back after legislation was struck down that prevented members of criminal motorcycle gangs associating with each other).
========
CINC, 4th Penguin Legion
The problem with these kinds of filtering schemes is the fact that they rely on allegations of illegality rather than on judgments which establish beyond a reasonable doubt that the website's operators are doing something illegal according to local or international law. The latter calls for the government to make its case against the website's operators in a proper venue, allowing the website's operators to mount a proper defense. At that point the government may as well seek to shutdown the website altogether, which shouldn't be a problem if those accused are truly engaging in illegal (and unethical) behavior.
"In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
the problem is there will always be a way for the false positives to block non-offensive sites ...
Child porn sites start using Biblical passages as euphemisms for certain things - "Lot's daughters" would be a wonderful search term for under age girl porn.
It'll get through the filters for a while and when it's discovered, Bible sites will be blocked and the Christian Fundies will start scaring the shit out of the politicians to remove the filters.
At least that's how it might go down.
Religion is a wonderful political weapon and it should never be put to waste.
Personally, I don't really see what the fuss is all about. The government is being nice and providing you with a safety net that prevents you from being taken to _extremely dangerous to visit_ web sites (ie: you will be raided if you visit this), and yet you are all complaining!
If you have ever been to an adult web site, you probably are familiar with the fact that 90% of them, randomly pop you over to an "affiliate" web site (which IMHO, is just the same site with different CSS...). Now what I want to know is why anyone wouldn't want their ISP stopping those addresses from being resolvable in the first place. Instead you see people bitching about "oh, it should be a public list!". Really? Are you serious? You think that the police should publish all the URL's of child abuse to a publicly downloadable list? Wow, some people need a kick to the head...
One of the more popular arguments I've seen on this is that there is a risk that some web site might be accidentally put on this blacklist, and there is no way to verify if it's on it at all, or something similar. I honestly think that people with concerns like this should really put a little more faith into governments and police organizations. They sound as if somehow their personal website or hotmail.com or youtube or something, is going to accidentally land up on some list which is likely hand maintained and verified. In other words, if a site is on that list, it's probably because just visiting it has placed YOU on a list.
As for the people complaining in the article about not being able to query the police/ISP/etc about possible accidental sites on a list, I really don't see why them saying that they cannot reply back to you on the matter is a problem. If they could comment or reply back, people would just start calling them 24/7 trying to game the system or social engineer the person on the phone into revealing information about the list. IMHO, I think it should be a one-way process where by, if you think a site you frequent has made it onto the list, you phone them up and let them know and cross your fingers that it was, and is a mistake. I'm sure that they would quickly correct the problem. Stop treating them like devils when they are just trying to protect you from a potentially embarrassing mistake.
My $0.02 :)
Really, how much child porn is on the internet? The largest pedo network in the world is the Catholic Church, how about spying and regulating this? The government's reputation on regulation is poor, the Wheat Marketing Boards, the Livestock export quango? Government types innately believe that they can better manage your life than you can, so this is one more way you can be monitored, for your own good. Oppose.
This happens in politics all the time. They bring up something that is morally wrong or questionable and then impose a law to regulate it somehow. While banning CP would be the ultimate victory, that would also mean that they would have to ban other things such as torrents, tor, p2p, and various other things and all they claim is banning the major sites that they know of. There is definitively something underneath this bill, governments don't just do things out of the kindness of their heart.
Known maliciously scripted sites/servers/hosts-domains & they DO have removal lists & ways to check on that too on many of them as well, vs. their databases (to see if any you are blocking should be removed). For example, I know of 17 reputable & reliable ones I use, & haul down on average 300++ sites per day to fortify my HOSTS file, & software firewall rules table with, every day (both in the forms of host-domain names & IP Addresses).
In fact - I am blatantly ASTOUNDED this has not taken place worldwide @ the DNS level, via DNSBL's being put into place to protect "Joe Public avg. internet non-geek user" from blundering into sites that ruin their systems, make them slaves of botnets, & steal their information + monies!
All I have seen, other than this child porn one out of "the land down under" (which I DO AGREE WITH, let kids be kids, & don't victimize them - life will do that on its own as it does to all of us to one degree or another eventually)?
Filters protecting "big business only"... that's bullshit to be blunt about it.
(& I've stated this here many times the past few weeks now on posts regarding the MPAA/RIAA & even this filter (this one I agree with though, by all means, though vs. child pornography (disgusting, and WRONG!!!)))
* Especially if these filters are being paid for by tax-payer monies, from ANY government putting them into place... that makes "Joe Public" the owner, not gov't. agencies or "big business only" (who face it, runs the show out there & always has when you come right down to it (the wealthy of the planet in other words)).
However, the thing is? Even the wealthy & BIG BUSINESS would benefit by it as well, since business & gov't. DO get "victimized" by malware makers + botnet masters as well!
The same types of lists also exist for DNSBL (DNS block lists) & a great one to use vs. the types noted above?
Norton DNS -> http://nortondns.com/ & you can even see how it updates every few minutes, here -> http://safeweb.norton.com/buzz
(It's really GOOD STUFF, & IF you're "security-conscious"? It only takes a minute to switch your system over to use them as your primary DNS... & same in your routers too!)
APK
P.S.=> Thing is, I've thought about it, as to WHY THIS ISN'T BEING INSTITUTED WORLD-WIDE @ THE ISP/BSP DNS LEVEL (like Norton DNS does, filtering vs. malware & bogusly scripted sites + bogus DNS servers, as well as botnet C&C Servers too):
About the ONLY thing I can come up with as to WHY this has not been instituted @ the ISP/BSP DNS level, is this:
"It might put PC techies out of a job!"
Well, that's crap: They have PLENTY of other tasks to do during the day (even though it can be up to 85% of their day, I know, I was one in between coding & networking jobs, working for ISP's & such, & much of it was fighting off malwares).
It's like saying:
"Yes, we CAN 'cure cancer', or drive it away to almost nothing... but, that'd put doctors out of a job!"
Again, crap - because doctors, like PC-Techs, have many other "maladies to deal with" during a day's work!
... apk
Because of this, there appears to be nothing to stop the Australian Federal Police from issuing much wider notices under the Act to ISPs, requesting they block other categories of content beyond child pornography, which are also technically illegal in Australia (‘Refused Classification’) but not blocked yet.
Awesome article. 5 concerns which are the opinion of some random guy who knows nothing about Australian law.
There is nothing illegal about Refused Classification content. NOTHING. There is no reason to block it. It is illegal to put on sale in Australian stores. It's not illegal to acquire, import, or even purchase online from another country. It is just illegal to sell in Australian stores.
They can still do a LOT OF GOOD, for the majority of "less technical users" online & save them from a lot of hassles. Sure, you CAN get around DNSBL by:
---
1.) Hardcoded IP addresses put into a browser address bar
2.) HOSTS file host-domain name to IP address entries
3.) Using a DNS that doesn't institute DNSBL's vs. anything
(Be it porn, illegal filesharing, or malware/botnets (though this boggles my mind anyone would be INTO being infested by this, almost as much as pedophile freaks do actually (who I think should be hung by their balls & shot at with notched bullets)).
---
Yes, & other methods too...
* However: The point is, that these kinds of lists can save those who are NOT aware of those methods, & keep them safe(r) than they are with DNS from ISP/BSP's not doing it @ all!
(In fact, in another post in this very exchange, I state how it "boggles my mind" more VALID & protective DNSBL's aren't put into place worldwide @ the DNS level for all ISP/BSP's out there & why I think it'd work "FOR THE GENERAL GOOD" -> http://yro.slashdot.org/comments.pl?sid=2311948&cid=36708742 )
APK
P.S.=> In fact, I'd almost wager that doing what Norton DNS does http://nortondns.com/ would help many a problem that's internet caused/based for EVERYONE that uses it, from "Joe Public avg. user" to "big business" too (If filters vs. malware, maliciously scripted sites, known bogus DNS servers, + botnet C&C servers etc. were put into place worldwide vs. them).
I actually THINK it would cut the # of online problem caused by these things by up to 90% easily...
... apk
My top 5 concerns about the new net filter:
1) _______________everything______________.
2) _____________________________________________________
3) _______________________________is ______going________
4) _____________to ___________ be ____________________________
5) _______________ fine ____________________ .
Because a VALID DNSBL can HELP them! How so? Look no further: Norton DNS -> http://nortondns.com/ & you can even see how it updates every few minutes, here -> http://safeweb.norton.com/buzz
These "noobz" you describe won't know how to work around these things, & thus, they are protected BY DEFAULT!
(It's really GOOD STUFF, & IF you're "security-conscious"? It only takes a minute to switch your system over to use them as your primary DNS... & same in your routers too!)
APK
P.S.=> Yes, there ARE relatively easy ways to "get around/past" DNSBL, but the point is, that most of these "noobz" you're describing won't know them, & it can protect them from being victimized by botnets + their C&C Servers, bognus DNS servers, maliciously coded sites, known bad sites/servers/hosts-domains that serve up malwares that steal folks information & monies too...
AND, yes, DNSBL's can even function to help BIG BUSINESS/The Wealthy too, as well as the "little guy/Joe Public" online!
(Because we are ALL 'consumers of the internet' big business included, & they also get abused by these things as well).
Boggles my MIND that ISP/BSP's worldwide haven't implemented DNSBL's the way Norton DNS does & why - to help stop the "malware plague" in essence, which we're ALL POSSIBLE VICTIMS OF!
... apk
PRIME example thereof? Ok: Norton DNS -> http://nortondns.com/ & you can even see how it updates every few minutes, here -> http://safeweb.norton.com/buzz
* The "noobz" others in other posts here described won't know how to work around these things, & thus, they are protected BY DEFAULT!
(It's really GOOD STUFF, & IF you're "security-conscious"? It only takes a minute to switch your system over to use them as your primary DNS... & same in your routers too!)
APK
P.S.=> Yes, there ARE relatively easy ways to "get around/past" DNSBL, but, the point is this:
Most of these "noobz" you're describing won't know them, & it can protect them from being victimized by botnets + their C&C Servers, bognus DNS servers, maliciously coded sites, known bad sites/servers/hosts-domains that serve up malwares that steal folks information & monies too...
Additionally, yes:
DNSBL's can even function to help BIG BUSINESS/The Wealthy too, as well as the "little guy/Joe Public" online!
(Because we are ALL 'consumers of the internet' big business included, & they also get abused by these things as well).
Boggles my MIND that ISP/BSP's worldwide haven't implemented DNSBL's the way Norton DNS does & why - to help stop the "malware plague" in essence, which we're ALL POSSIBLE VICTIMS OF! ... apk
Politicians do not like web sites exposing their activities, they've been wanting to shut this down for years. By using "the four horsemen of the Internet" they've managed to convince people that making sites disappear is to "protect the children".
The big clue: the secrecy surrounding the list of blocked sites. If they know which sites source child porn then they would be using existing criminal law to deal with them. No, it's other kinds of information they want to censor.
It may seem like there's no good solution. You can:
1. leave that kind of content unblocked.
2. block stuff and don't give anyone the list which causes severe suspicion and probably abuse of the filter.
3. block stuff and give out the precise filtered list, which obviously gives pervs an extensive list of illegal sites that they can visit when they get around the filter.
So it's a no win situation, right? It doesn't seem that way to me. How the hell do they just have a list sitting around? Shut the sites down. Find out who's allowing the domain registration to continue (if there is one, I guess it could be purely IP based) and find the hosting company or physical servers. "Pass the list to Australia" doesn't really seem like it would come up high on interpol's strategy list about what to do once a list of illegal sites was assembled. If it's a list of IPs or domains and they got everyone in the world to implement the filter, obviously the criminals behind it would just move IPs or domains. You don't fix the problem any other way than taking out the source.
This seems so obvious that I think it's evidence that Australia is using this as a poster boy excuse to implement a net filter whose primary purpose is not to block illegal porn.
If it weren't for them Australia would never get mentioned on places like Slashdot. There's more to the world than the USA. Australia is one of the greatest nations on earth. We're rich and sophisticated and in fact basically 'America downunder' yet we're constantly ignored. We should do a lot more of these controversial attention-getting things.
and participate in political censoring.
Blogging because I can...
see torrentfreak.com for the answer
Nice secret list they have there.
I know a lot of people on Slashdot might think that this is the thin of the wedge and the first step on the slippery slope towards a more comprehensive censhorship scheme the likes of what labour tried to bring in recently but to be honest I think that as long as this filter remains voluntary and restricted to hardcore CP then it wont get any airplay in the wider media at all because the average member of the public will be pretty much fine with it. The real question is a) will its current authority be expanded to material beyond hardcore CP and b) if its current authority expanded would the average joe have issues with it?
a) is up for debate however I would expect that joe public will be much more concerned if there was evidence of scope creep on the filter and therefore it would get more airplay in the wider media and be shot down as it was last time http://www.smh.com.au/technology/technology-news/conroy-backs-down-on-net-filters-20100709-10381.html?autostart=1.
The wider public has shown that they are fine with filters as long as it stays restricted to Child Porn only - anything further and governments can expect serious opposition from large sections of the community which can have repercussions for them at the ballot box which is exactly why the last aussie filter was shot down - it started to look like it was going to cost the labour party votes so they ditched it
Funny and Interesting things from all around the net
What I don't get is that they have to intentionally look at a ton of child porn sites to find out if they are child porn sites and put them on the list. Doesn't that make them criminals?
As this thread is a little misleading and Australia does not have a net filter but just two ISPs Telstra and Optus do, just vote with your wallet and churn away from them to Internode, iiNet or a million other ISPs.
If you remain on these 2 ISPs out of the many choices we have and have the gall to complain about filtering then YOU are part of the problem. By staying with these 2 rogue ISPs you are telling them it's ok.
Just publish the list and let societies extremists do their job. They'll accomplish what authorities can't - one way or the other.
I know why they want the list to be not in public hands. The "child pornography" thing is just a dirty cover. What they really want is to block access to websites full of pirated content.
It is mainly the money and not the protection of kids.
For layered security IN ADDITION to HOSTS files here (and firewall rules tables) for the utmost BEST in "layered security"... all per my guide for it here:
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
Now, to your MOST LIKELY erroneous statements, your question:
"But I don't use DNS servers" - by Anonymous Coward on Sunday July 10, @05:24AM (#36709862)
I'd wager you DO, & don't know it... check your Windows DNS settings in your IP Stack Properties in your network connection(s)... first of all.
Secondly? Check your router's interface page... it's usually HARDWIRED by your ISP's setup for it to talk to THEIR ISP/BSP level DNS (& is most likely NOT filtered vs. malware threats out there online by DNSBL).
---
"is this DNSBL downloadable to be incorporated in my hosts file?" by Anonymous Coward on Sunday July 10, @05:24AM (#36709862)
I do it via the "safeweb" page for Norton's data (see my 1st post)!
All, via a system I have written & re-written for best efficiency here in Python... & other DNSBL's are VERY easily incorporated via PyThon (or PERL, or any language that has RegExp which is most nowadays in some form) into a HOSTS file!
Easily too, once the code's written that is...
* In fact? Every 15 minutes here, I get updated into a copy temp of my original HOSTS file, which gets updated into the actual HOSTS file by OVERWRITE (not append, assuring it's clean here)!
That temp file's then:
---
1.) "Filtered off" vs. repeats, problem sites you shouldn't block either (the filter's immense, around 150 sites++) to avoid hassles with SOME sites that demand, say, adbanners (their images are served from the SAME servers is why for their other webpage content usually, so unless you want a Lynx like text only webpage experience? You HAVE to accept them!)
2.) My system also de-duplicates/normalizes HOSTS entries
3.) Plus it alphabetically orders the entries
4.) Lastly, it changes from the larger/slower less efficient "loopback adapter" address of 127.0.0.1 for blocking, to 0.0.0.0 which is smaller & faster to parse, AND DOES NO LOOPBACK OP EITHER (thus, more efficient), it's just a "DNS type blackhole" routing!
---
That ALL occurs here, without my raising a finger... pure "automagic operations"... & awesome, for extra layered security above system hardening & safe websurfing practices, + DNSBL via Norton DNS (& others as my secondary DNS for safety too, such as ScrubIT & OpenDNS in my Windows DNS settings AND my routers)...
ALL, for faster operations too via HOSTS files online!
So you know:
MUCH of that SAME process can be done in say, MySQL or Access too, via a SELECT DISTINCT * FROM but, it won't do it automagically gathering the data for you...
I started out doing it that way, circa 1997-2008, until the data sources grew to 17 I use... & the data got SO big & updated at all diff. times of day (sources are reputable & reliable, & international is why).
HOSTSMAN (see mvps.org) can do it for you though, automatically (but I don't think it's QUITE as fast or efficient as my Python system is OR as portable to other OS platforms)..
E.G.-> I wrote one before HOSTSMAN existed even, & used it from 2008-2010 in Delphi, was great, but "brute force" work sorts & dedups only!
Which was FINE back when HOSTS files were only 16k lines TOPS long, BUT... nowadays?
Currently, I have 1,468,594++ entries of:
A.) Adbanners blocked
B.) KNOWN maliciously scripted sites blocked
C.) Bogus DNS servers blocked
D.) Botnet C&C servers blocked
E.) Sites that serve malware blocked
F.) 250 of my fav. sites "hardcoded into it" (which is
See subject-line, & this -> http://nortondns.com/ It's got a very easy to navigate page, and on it, it has good detailed explanations that aren't "too technical for the avg. joe" either!
* ENJOY!
APK
P.S.=>
"I wasn't real happy with OpenDNS - why would Norton do a better job of "filtering" than OpenDNS did?" - by Runaway1956 (1322357) on Sunday July 10, @03:39AM (#36709658) Homepage
Norton DNS took the place of OpenDNS &/or ScrubIT as my "primary DNS" in fact, due to their use of DNSBL vs. malware exclusively! See their page... explains it ALL!
Plus - They're more "AutoMagic" than OpenDNS' optional filtering is, & no scripting required to use it (just change the DNS settings in your Network Connection in the OS & in your routers TOO if you're smart also)...
HOWEVER - I still use OpenDNS, and ScrubIT DNS as secondary sources though (backups, because you can do that in routers AND in your Windows network connections easily, by IP address (so there is "no fooling it" via bogus man in the middle attacks))
... apk
Teun: That's "arguments" they'd use (or a pedophile FREAK would also)... but, on that note:
See subject-line, & this -> http://nortondns.com/ It's got a very easy to navigate page, and on it, it has good detailed explanations that aren't "too technical for the avg. joe" either!
* ENJOY!
---
"I can see you are a Norton troll." - by Teun (17872) on Sunday July 10, @03:06AM (#36709544) Homepage
No, per my subject-line? I just tell it how it is, & the truth!
In fact, I wrote the MOST viewed security guide & most highly rated ones there are, since 1998 online:
Fact is, unlike most of you trolls around here TRY to imply?
I "preach" layered security, & have since 1997-1998 with the most viewed, highly rated guide online for Windows security there really is which came from the fact I also created the 1st guide for securing Windows, highly rated @ NEOWIN (as far back as 1998-2001) here:
http://www.neowin.net/news/apk-a-to-z-internet-speedup--security-text
AND, more currently, the MOST viewed & highly rated one there is for years now since 2008 online:
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE
Which has well over 500,000++ views online (actually MORE, but 1 site with 75,000 views of it went offline/out-of-business) & it's been made either:
---
1.) An Essential Guide
2.) 5-5 star rated
3.) A "sticky-pinned" thread
4.) Most viewed in the category it's in (usually security)
5.) Got me PAID by winning a contest @ PCPitStop (quite unexpectedly - I was only posting it for the good of all, & yes, "the Lord works in mysterious ways", it even got me PAID -> http://techtalk.pcpitstop.com/2007/09/04/pc-pitstop-winners/ (see January 2008))
---
Across 15-20 or so sites I posted it on back in 2008... have YOU done better, troll?
---
SOME QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2
"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral
AND
"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral
AND
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3
"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I
... is behind this. Try doing some research. Your country is run by Jews, your sons go to war to die for Jewish interests. The Jews run the Federal Reserve banking scam. The Jews run all the banks, which print money from thin air, lend it to you, and then make you pay it back AND interest, on COUNTERFEIT money. The Jews own the entire media, which is why they need to control the internet, lest you find out the truth about them and their crimes against you and your children. The Jews are behind open borders and mass immigration of non-white parasites into every white country on earth.
Governments the world over want more oversight and control over what their citizens do.
No, the Government doesn't want that because the people don't want that. Certain people in the government, however, want that, and those are the people we need to get rid of.
What a stupid thing to say. Most people don't object to anything. They don't do anything other than work, play computer games and watch television. The majority of people don't count. They moan but they don't take action. They are uninformed because they don't read the business or political section of the newspaper. They submit to authority and bow before royalty, be-it Hollywood or Great British.
Most people don't object? Most people didn't object when Hitler came to power, or Stalin, or Mao Tse Dung or George Bush. Most people? Who cares about most people.
There is a small minority of people in whose interest it is to keep things the way they are and another small minority of people who want to change stuff. In between there are the majority of people who don't know, don't understand and, yes, don't object. They can get stuffed
Where are you from on the planet? IPv6 transition's SLOW here in the USA so... just curious!
"Thank you for assuming I'm an idiot." - by Anonymous Coward on Sunday July 10, @04:02PM (#36713686)
I assumed nothing... just "feeling you out" is all, & informing with correct information, appropriately is all.
---
"Yes I'm sure I don't use DNS" - by Anonymous Coward on Sunday July 10, @04:02PM (#36713686)
Ok, then you ONLY use a HOSTS file? Why might I ask??
Now, assuming your "not an idiot" now, as you THOUGHT I was to you earlier:
You do realize that mapping the ENTIRE INTERNET into a HOSTS file is well... rather foolhardy!
E.G.-> The changes of IP addresses is not that large by %, from what I have seen over 15++ yrs. or more of using HOSTS files to my advantage for better speed, layered security, bandwidth usage I pay for, & even "anonymity" to a degree vs. DNSBL's IF I WISH... but, changes of Hosts-Domains resolutions to IP addresses?
Yes, it happens... Sites shop for better deals from hosting providers (especially small-fry/cash-strapped independent sites).
For instance:
Over the course of a year now, on IPv4 here? Of 250 of my favorite sites I "hardcode map" into my HOSTS file here (I do more than just block out things with it, I speed myself up this way, & assure more solid uninterrupted communications as well)??
Well...10 of them have changed IP addresses @ this point! About the same last year, & the year before that, & so on, almost 16 yrs. back now or more in fact.
So, that "all said & aside"?
That represents around/roughly/approximately 4% (10 of 250) of change per year... multiply that by the sheer amount of TOTAL IP addresses & host-domain names for the ENTIRE INTERNET, assuming linear progression? Well...You'll be working TOO hard, imo @ least!
(I.E.-> I think what you're up to is FOOLHARDY to be blunt about it, but... suit yourself!)
See - for doing what it sounds like you're up to?
I only do my favorite 250 sites so that IF DNS' get redirect/poisoned, I have valid address resolutions + more speed of resolution, locally!
(& I triple verify them off my system, my work system(s), & my niece's machine (diff. ISP/BSP, & diff. DNS but not radically diff. location in space)).
I mean, hey - Using HOSTS to BLOCK unwanted things, fine... that's a FAR MORE FINITE task than trying to do your own DNS system via a HOSTS file even if cached into the local diskcaching subsystems (which they do, they are a file like any others), especially a larger more bloated one in IPv6??
(Man - Come on... Do you have VALID reasons for that?)
Ah - Suit yourself! I won't call you an idiot for it, as you called yourself... but... oh well!
---
"and no I don't use Windows so your links are of no use." - by Anonymous Coward on Sunday July 10, @04:02PM (#36713686)
IP is IP, even on *NIX variants (MS got their IP stack from out of the BSD world anyhow, much IS the same!)
---
"But anyway, I ran out of diskspace trying to fill my hosts file with my own ipv6 range" - " - by Anonymous Coward on Sunday July 10, @04:02PM (#36713686)
Either buy a larger new disk, or better still? Don't be foolish & try to map a non-static entity that's "in motion" with sites shopping for better deals each year (if not more) for diff. less costly HOSTING PROVIDERS!
APK
P.S.=> Just some advice, don't be offended by it - & apparently, whatever I said in my last post reply to you, is literally "Beyond Reproach", because you didn't debate any of the rest of it... (patting myself on my back)...
... apk
Why is it those who want to implement this kind of filtering never quite address these sort of concerns up-front?
Because NONE of this is EVER about achieving the worthwhile goals which are stated up-front.
These things are ALWAYS a behind-the-scenes attempt to deploy *government mandated censorship* of what is (currently) an uncontrolled medium.
Visit CryptoGnome in his home.
I'd have clues, speed being one - Whenever that's happened, and I had it happen on IRC years ago (back in the day when I was adminning the "official Windows Help channel" on Dalnet, #Windows95 (we did all types of Windows though, I was an NT 3.51-4.0 user back then) & it was endorsed by no less than K. Mardem Bey))?
There first of all??
You can't really 'hide' your IP address (unless you used proxies/socks), so anyone there could "do you" because they could get your IP Addy & I was on what was the "speed king" then, in ISDN lines leased...
How'd I know? See subject-line, & I took noticeable "speed hits" & that's how I knew it was happening...
So, to counter, I'd get a new lease & go "inviso" again, & come in as another username is all.
(Yes, to "hide" from it happening again (after I had the jerks doing it KLine'd - they were from, naturally, #Linux (our 'enemies', lol!)).
Lastly: GOOD LUCK EVEN TRYING IT - You don't even have my ip address... lol!
BOTTOM-LINE, because you don't have my IP Address: So your point is what? I will tell you what - it's "moot" (non-sequitur even, pointless!)
APK
P.S.=> You can do VPN tunneling & such, but why? That also limits who/what you can talk to/with/from too... if you want its protection! NO, I just switch IP addresses instead by obtaining a new lease & poof, "security-by-obscurity" again & especially from BIG ISP/BSP's (they are advantageous that way too - you DO get what you pay for using them)
...Compliments to you reading my entire post though... I'll give you THAT much @ least, as I have 'class' & give credit, when & where it's due...
... apk
Everyone assumes that child pornography, especially the "worst of the worst", consists of pictures of children being forced into sex. We are seldom allowed to see the evidence for ourselves, because of course it is strictly illegal for a member of the public to see it.
However, occasionally failed prosecutions for possession of Jock Sturgis or David Hamilton photos, or best-selling sex education books, gives us an insight into what prosecutors think child pornography is, and when one realizes that even photos of fully clothed children have been successfully prosecuted as child pornography, one has to consider that maybe there are ulterior motives to the campaign against child pornography, and maybe the authorities are lying to us.
Recently, some of the Webe Web child models - now adults - have begun a campaign to tell the truth about their participation in what has been successfully prosecuted as "child pornography". As they tell it, the only time they felt like victims was when the FBI came calling.
Here is one of their videos at YouTube:
http://www.youtube.com/watch?v=v2xfzmcOPg0
The Department of Community Services (previous The Department of Child Services) has had its projected funding for 2014 slashed by $AUD1.3b. They handle child abuse, foster care cases etc. Instead, we get an internet filter designed to "protect the children".