Posts Tagged‘filter’

Internet Filter: 2010 is the Internet’s 2012.

Just over a year ago today I started this blog as a part of a larger body of work to combat the lunacy that is the Internet filter. I thought we were doing a good job of it to, since the trial was delayed several times and as far as anyone could tell the policy was dying a slow quite death. Indeed with companies like the Internet giant Google damning the policy you’d think that the government would want it to disappear quietly into the dark night. As it turns out nothing could be further from the truth, with several news articles coming out yesterday stating that not only had the trial been successful, it had actually achieved filtering nirvana:

THE Federal Government is pushing ahead with its controversial plan to filter the internet, saying illegal material can be blocked “with 100 per cent accuracy and negligible impact on internet speed”. It has just released results of its latest live filtering trials, used as proof that a national internet filter will work.

Labor will introduce legislation next year requiring all service providers to ban “refused classification” (RC) material hosted on overseas servers.

Communications Minister Stephen Conroy says RC material includes “child sex abuse content, bestiality, sexual violence and the detailed instruction of crime and drug use”.

“Most Australians acknowledge there is some internet content which is not acceptable in any civilised society,” Senator Conroy said.

A little digging around got me a link to the full report, available here. Looking into the report there are a few issues I can identify outright and some more insights I’ve gleaned after reading the whole thing. Overall it doesn’t bode well for us Australian’s who enjoy our Internet unfiltered.

The first issue I draw with the report is this line on page 7 (you’ll have to forgive their spelling mistakes to):

Participants were tested for accuracy in blocking the ACMA blacklist only and all nine participants achieved 100 percent accuracy ‐ a base requirement of the pilot.

Ok this is not what the initial proposal for the filter was, nor what Conroy’s rhetoric had alluded to. Filtering a list of 10,000 URLs is a trivial exercise and I’m not surprised that such a filter worked on an ISP level. In fact the government has already provided software to parents that will work to such an effect which can run on a home grade computer. This is not the heart of the problem though, as the technical challenge was just a small part of it. No where in the report or the rhetoric do we see a policy for how URLs get on the blacklist nor how to get it off should you somehow get on it. In essence the premise of the testing was a complete and utter farce.

The report indicates that any measures taken to prevent circumvention will have a negative impact on performance (pp 3, 25-27). Now when the results of this report were released there was no mention of this and it leaves the government with 2 options when they try to push the filter through. They have to either mandate that circumvention prevention be enabled (We can’t have the kids getting around this filter now can we) which degrades performance significantly or they simply leave it out, meaning that anyone with 5 minutes and Google can circumvent it. In essence saying that the filter trial was 100% successful is again misleading since any filter implemented on the back of these results will fail at either providing the service it seeks to achieve or send Australia’s Internet to the digital back water. Again it’s a load of bull.

However it seems that Telstra showed a small bit of sense for once (pg 7) which also provided some insight into the larger issues at hand:

Telstra did not test circumvention, because it considers that filtering can be circumvented by a technically competent user.

Telstra found its filtering solution was not effective in the case of non‐web based protocols such as instant messaging, peer‐to‐peer or chat rooms. Enex confirms that this is also the case for all filters presented in the pilot. Telstra reported that heavy traffic sites could overload its trial filtering solution if included in the filtering blacklist. This is also the case for all filters presented in the pilot.

So let me get this straight, you can’t filter P2P (which Conroy said he was going to do as well) and if a high traffic site somehow manages to get on the blacklist your filter solution will get overloaded which would then, logically, lead to either slowdown or loss of Internet for those who are on it? Heaven help them if RedTube ever ends up on that list, oh wait it already is. Trying to implement this kind of thing with an Alexa Top 100 site on their list, and one that ranks in the top 50 in Australia, will almost certainly overload the filters of any real large scale ISP that tries to implement these technologies.

There’s another small issue here to, none of the participants are named and neither are their solutions making a real analysis of these results impossible. If we go off the list they released a long time ago 5 of them were small time ISPs and only one of them was a semi-large (iPrimus), but still a small player in respect to the larger Internet community in Australia. Their report states that there were 9 total ISPs (2 large, 1 medium and 6 small) however with Optus being the only large provider who’s openly supported it (all the others have been outright hostile and Telstra didn’t test on their live network) that only leaves the medium (iPrimus) and 6 small for them to base their tests off. You can see why I question how relevant the results really are.

The report shows just how ridiculous the filter really is and how you can distort any test results to support your rhetorical point of view. Any real implementation of the filter will not mimic these results and trumpeting these results as showing that such a thing is viable is an insult to the public’s intelligence. I hope you will all join me in sending Conroy a message that this kind of malarkey will not be tolerated by the Australian community at large.

Internet Filter: Credit Where it Wasn’t Due.

It wasn’t too long ago when I found myself scouring the University of Canberra and the Australian National University for courses to launch myself into a future career. After deciding on the UC course I had been told that it was certified and would count towards accreditation with no less than 3 professional associations in the fields of ICT and engineering. They were: Institute of Electrical and Electronic Engineers (IEEE), Engineer’s Australia (EA) and the Australian Computer Society. Initially I thought that this would be a great boon for my career, as nothing is more important than who you know right? Turns out that one of these professional bodies that I could have sought membership with has a few wires crossed:

The Australian Computer Society has released a report that flags conditional support to ISP-based internet filtering from a technical standpoint, based on a series of boxes that need to be checked before giving the scheme the green light.

Six experts from the ACS said that filtering of the internet is plausible, but suggested a number of steps, summarised below, that the Federal Government needs to first address.

“Filtering alone is unlikely to adequately address cyber security issues or significantly impact those who deliberately produce, distribute or search for illegal material,” said Australian Computer Society chairman and president Kumar Parakala.

The full report from the ACS is available here. Whilst they do pick up on a couple of points that require much more consideration such as the transparency of process and actual purpose of the filter they casually gloss over the point of network degredation. Out of the 19 pages of the report approximately 3 lines are dedicated to the important subject of sending Australia back about 5 years in terms of broadband speeds:

5.5

In this situation there could be enough performance in the filtering solution to ensure that the filter would not create a bottleneck and significantly affect the performance of the ISP.

5.6

  • not all applications work well with a proxy server and so the performance of the ISP can degrade;

Considering that the best (almost ludicrous) estimates had the filter pegged at slowing Internet speeds by 3% and most realistic estimates are closer to 30% the report gives the impression that the only problems the filter faces are policy based. Whilst the majority of the problems stem from the fact that a mandatory filter is in itself bad policy the apparent endorsement from a technical standpoint of a solution that is verging on moronic makes the ACS look out of touch with the world of ICT. Whilst there does appear to be some good technical people behind the document I can’t in good faith endorse it or the media attention that it has received. In fact all the reports on the article have taken the same approach and only mentioned the policy ideas, furthering my point that the report was a little short sighted. “Conditional” support is not what the voting public will see and it’s not what Conroy will use in his rhetoric on the subject.

With so many unknowns being thrown around at this point in time the ACS would have been far better placed to remain agnostic on the filter and should have taken the stance that the filter in it’s current form can’t be implemented until the specifications and policies surrounding it are finalized. This would have allowed them to make the same points that they have already whilst staying at arms length, saving themselves from embarrassment when the filter finally falls on its face. Right now they make some good points but have lost a lot of credibility with those who it represents.

Times like this it makes me happy that I was a lazy graduate and didn’t sign up with associations like this. Although if I did cancelling my membership might have had a bit more impact than just lamenting it on my blog. Bah, they’ve got enough egg on their face as it is 🙂

When Stupid Meets Stupid: Internet Filters, Anonymous and Rudd.

As many people know I’ve been a long time opponent of the Internet filter. In fact if you wind back the clock to when I created this blog you’ll see that it was originally created as a place to collate my thoughts and actions on the issue. Whilst the majority of the opposition to the filter has been clear and reasonable it would seem that the time has finally come when the vigilantes come out of the woodwork and start wrecking all the solid work we have been doing:

The Federal Government is investigating reports a computer hacker managed to temporarily shut down the Prime Minister’s website.

Kevin Rudd’s site, www.pm.gov.au, was brought down for a short time last night due to what is described as a denial of service attack.

The hacker, apparently known by the nickname Anonymous, posted warnings that government websites would be targeted in protest against its plans to filter the Internet.

The Government is considering ways to block websites carrying material it believes is offensive.

The move has attracted widespread criticism, largely because of fears the filtering system will slow Internet speeds.

The first bit of stupid I’d like to point out here is that whilst the “hacker” was identified as operating under the name Anonymous the media failed to properly recognise that he/she was probably acting as part of the online group with the same name. Although they do quote people who allude to them being a group later on most news outlets have just been repeating the first few lines. They have voiced their disapproval for the Internet filter before and due to their spontaneous order like affiliation they are unpredictable in the action that they take. It would then seem that one member identifying with their principals decided to take matters into his own hands and try to make a point about the issue, albeit with the completely wrong methods.

Whilst I can appreciate the passion and dedication that the hacker/s must have felt in order to attempt something on this magnitude I can not condone their methods. The unfortunate truth about their actions is that it has done nothing to further the cause to have the filter abandoned and has only served to bring a small amount of news to the front pages saying that the prime minister’s website was attacked. Judging by the attack itself I can hazard a guess that the attacker is either from outside Australia or not current with news on the filter, as it is essentially dying on the vine. We still need to be vigilant to make sure that the government does not try to resurrect the policy under a different name however the filter as it was proposed is being swept away in the hopes it can die without taking any politicians with it. Unfortunate as I would’ve liked to have the sacrificial lamb to be Conroy for fervently supporting this legislation.

Acts like this do nothing to serve the cause and only help to strengthen the opposition’s resolve. The out pouring of support from other countries, like the UK naming Conroy as the Internet Villain of the Year, does far more to help than what amounts to petty vandalism of a government site. If they want to put their 1337 |-|a©Kz0r skills into practice maybe they should look to more persuasive ways, like google bombing Conroy. But that would be too much effort now wouldn’t it? 😛

It was fun to see the stupid explosion when they collided though 🙂

Conroy Backs Down.

I’ve blogged numerous times before about the Internet Filter and it had been all quiet on this front up until this morning when I got wind of this:

THE Rudd Government has indicated that it may back away from its mandatory internet filtering plan.

Communications Minister Stephen Conroy today told a Senate estimates committee that the filtering scheme could be implemented by a voluntary industry code.

Senator Conroy’s statement is a departure from the internet filtering policy Labor took into the October 2007 election to make it mandatory for ISPs to block offensive and illegal content.

Responding to questions from shadow communications minister Nick Minchin on how the government may go about imposing the internet filtering scheme, Senator Conroy said that legislation may not be required and ISPs may adopt an industry consensus to block restricted content on a voluntary basis.

“Mandatory ISP filtering would conceivably involve legislation … voluntary is available currently to ISPs,” Senator Conroy said.

“One option is potentially legislation. One other option is that it could be (on a) voluntary basis that they (ISPs) could voluntarily agree to introduce it.”

In response Senator Minchin said he had never heard of a voluntary mandatory system.

Senator Conroy responded with “well they could agree to all introduce it”.

It’s becoming more and more obvious that this is unpopular legislation and it seems the government has been in damage control ever since. This has barely hit the news for over 2 months and the next part we hear about is Conroy saying that all ISPs could voluntarily implement the filter, something which I find incredibly naive.

With the proposal in such a shambles, with them admitting that they’d need to write laws to get it implemented, one has to wonder why are they continuing with something like this? Whilst I’m sure this is a move done to keep Rudd at bay it would seem that Conroy is caught up the old dollar auction game. With such an investment in pushing this considerably unfavourable policy he can’t be seen to be backing down now and be forever seen as being weak on unpopular but “just” causes. So now he’s reduced to this vocal gymnastics to describe what really would be a voluntary mandatory system.

Whilst the policy isn’t completely gone, what with the joke of the trial still continuing, even if it gets implemented it will be horribly ineffective and will prove a talking point for the next election. I’m actually quite surprised how little attention this policy has received in the media considering that it would be a great point of ridicule for the opposition to bring against the Rudd government. They missed the boat when it came to slugging them on the budget but this has been an ongoing joke for over 6 months now. Maybe the opposition thinks no one cares.

That’s probably the most scary part about policy like this. When it first came out I was fine with the idea, allowing someone like me to continue to use the Internet as I wished and anyone who wanted filtering at the ISP level could get it. However when it began to change into something much more hideous I realised I couldn’t stand idly by, but I can’t say that much of the public at large. Talking to my family and relatives I found that most of them were in favour of such horrible ideas, mostly because they had no idea about what it actually meant for them. This kind of ignorance is what scares me as it allows things like this to slip under the radar, slowly eating away at our civil liberties.

This was also why I began to take an interest in politics. Staying ignorant of what my government in power was doing on helped them to pass legislation I disagreed with. Keeping myself informed about what they were doing enabled me to make sound voting choices when it came time, and I’m (mostly) thankful for it. Sure I voted in the party that brought this policy on us but that’s exactly what my previous post on micro democracy was all about. Had I had the option to vote out “Internet Filter” I would have, but we’re still in an age where democracy (and society) isn’t granular enough to handle people like me who would love to micro manage their government.

One day I’ll hear the death knell of this policy, one day.

Internet Filter continues down the road to stupidity.

Well it seems that the DLC must have been heard by Senator Conroy and his party members, since he’s decided to add in some additional features to the proposed filter:

18. Is it true that ISP filtering is unable to filter non-web based traffic such as peer-to-peer and chat?

ISPs in other developed nations that have introduced filtering have done so mainly to help address the proliferation of child pornography on the web using a blacklist of mainly child pornography sites. These blacklist filtering services do not deal with non-web traffic such as peer-to-peer and chat.

The Department understands that a number of ISP filtering products allow blocking of non-web based applications, and that vendors are undertaking development in this area. A small number of ISPs in Australia and overseas provide ISP level filtering services that seek to help parents manage non-web based applications such as peer-to-peer and chat.

To the extent possible, the Pilot will test the effectiveness of more sophisticated ISP level filtering services and products to help parents manage use of non-web applications.

It is understood that technology exists to filter peer-to-peer networks. If such technology is proposed as part of the Pilot by an ISP it will be considered.

Full FAQ from the deparment here with coverage from PC MAG.

Now I know that many of the ISPs would be fully aware that blocking Peer to Peer (P2P) traffic is not only complicated but will also guarntee slowdowns that are far in excess of current estimates. To give you an idea of how complicated it is here are a couple ways of detecting Peer to Peer traffic:

  • Deep Packet Inspection: Basically opening every packet and looking at the packet structure to determine what it is and where it is going to. This means that the packet is delayed whilst it is inspected, and this could lead to lengthy delays in delivery espeically if the packet is big. Say goodbye to reliable VOIP services if this kind of inspection gets put in.
  • Connection/Traffic Trending: This is watching the connections a client makes and building up a trend map of them to determine which ones are legitimate and which ones aren’t. Bittorrent and other P2P applications usually open up lots of connections and transmit small amounts of data over them, so they will build a model off that principle. Once they think they have a P2P connection they’ll terminate it by various methods (RST Injection or just drop the connection entirely). Inheritly flawed and will cause issues with any technologies that utilize P2P as a distribution method (World of Warcraft uses it for their client patches).
  • Port blocking: Simply denying all traffic on the ports that P2P applications typically use. Easily cirumvented.

The Internet Filter proposal itself was unacceptable already, this just puts it into the realm of insanity. At the rally I talked about what kind of impact this would have to businesses and introducing something like this would just make the effect even worse. Just because P2P may be responsible for some un-scrupulous people using it for nefarious purposes doesn’t mean that everyone should suffer, and I really do mean everyone in this respect.

Probably my biggest concern are the people who support Free and Open Software with their contributions to things like Linux. They use Bittorrent to distribute their software and blocking this service will mean a severe detriment to the free service that they provide. Whilst solutions like Ubuntu will still function thanks to the generous support of people like Mike Shuttleworth I’m afraid the smaller ones will be hit severely by the decision to include P2P in the filter.

If we see something like this get put in I can see so many business with strong web presences moving their services overseas. When you rely on your web services in order to generate revenue slow down means lost dollars and customers, neither of which a company will endure just to host a service in Australia. We’re already behind in terms of broadband proliferation and web services, do we really want to continue down this road of making Australia an Internet backwater?