Great articles on other sites
- iiNet founder Michael Malone finally backs TPG Telecom takeover
- How and why the public sector must make friends with artificial intelligence
- Second anniversary of IT pricing report approaches - Computerworld
- Doctors spend 15 mins opening Fiona Stanley Hospital software
- What to expect from Abbott's national cyber security strategy
- ISPs need more time for data retention compliance
- TPG iiNet bid: major shareholders complain
- Qld emergency services payroll replacement on the rocks
- Victoria to wait another eight months for public IT dashboard
- Superloop CEO slams Australian govt tech policies
Renai's other site: Sci-fi + fantasy book news and reviews
- Kim Stanley Robinson’s new book Aurora is due in July
- What’s the future of “Grimdark” fantasy?
- An epic rant from Richard Morgan about nuance in writing
- Brandon Sanderson’s Firefight: Review
- Get into Jeff VanderMeer’s head as he writes the Southern Reach trilogy
- George R. R. Martin’s next book The Winds of Winter won’t arrive in 2015
- Alastair Reynolds’ Poseidon’s Wake launches 16 April
- Ann Leckie’s Ancillary Sword: Review
- Ann Leckie finishes Ancillary Mercy
- Hannu Rajaniemi’s The Fractal Prince: Review
Featured, News - Written by Renai LeMay on Monday, July 4, 2011 15:21 - 46 Comments
Optus’ filter can be defeated by ‘trivial’ DNS change
The nation’s second-largest telco Optus this afternoon confirmed users would be able to defeat its implementation of a blacklist filter of sites containing child pornography merely by changing the DNS settings on their PC.
Along with Telstra, Optus has pledged to implement a voluntary filtering framework developed by the ISP industry’s peak representative body, the Internet Industry Association. The filter, which is being seen as a more moderate industry approach developed in reaction to the Federal Government’s much more comprehensive filter scheme, will see the ISPs block a “worst of the worst” list of child pornography sites generated by international police agency Interpol.
However, in a brief statement this morning, Optus confirmed industry speculation that its filter could be defeated through a minor setting change on Internet users’ PCs. “That’s correct,” a spokesperson said, when asked if users could circumvent Optus’ filter by setting their PC to use a different DNS server than the default. “It’s a feature of the Interpol list.”
The circumvention technique relies on the fact that the ISPs’ filtering scheme sees them blocking Interpol’s list of sites at the domain name layer, in a different and less complex technique to the models which have so far been proposed under the Federal Government’s much wider scheme.
Asked about the same issue, Telstra was less willing to comment than Optus. “We do not intend to explain how motivated people with technical skills can access child abuse content by circumventing blocking of the Interpol worst of list,” a spokesperson said this morning. “This would undermine our efforts to reduce the incidence of victims being publicly identified in Australia.”
Telstra’s filter went live late last week, while Optus’ will be implemented over the forthcoming weeks. Other ISPs have not yet clarified whether are definitely planning to implement the IIA’s framework, although several have specified they will cooperate with legal requirements if necessary.
Responding to Optus’ revelation of the ease of circumventing its Interpol filter, Electronic Frontiers Association spokesperson and board member Stephen Collins said he had to wonder why Optus would even bother with the filtering system. “With such a trivial circumvention, Optus’ implementation of this block list is worse than ineffective, it’s also misleading on a grand scale,” said Collins.
“Nobody will be protected from criminals by this, and worse, for those customers who believe they are protected, their kids or anyone else using their internet connection will bypass this with less than 30 seconds effort. Optus should be ashamed of themselves; first for implementing this list and trying to have their customers believe it would work and second for doing such a half-baked job.”
Last week, Collins labelled the IIA’s blacklist approach as “security theatre”, a term coined by US security consultant Bruce Schneier to describe a security approach intended to provide the feeling of improved security — despite a lack of actual measures that will impact security outcomes in practice.
“Our recent comments as to this move being security theatre hold even more strongly now,” said Collins today.
After hearing of Optus’ implementation, however, the IIA defended its scheme. In a phone interview this afternoon, former IIA chief executive Peter Coroneos — who finished up in the role last week but is still acting as a spokesperson on the Interpol scheme — defended the organisation’s framework.
“If someone’s determined to get to child porn websites, then they will get there … this has never been positioned as an absolute solution in all cases,” the executive said. “But people need to be aware that if they are going to actively go and search out child pornography on the Internet, they do so at some legal risk. The steps that industry are taking here not to prevent the determined criminal, but for everyone else, we think the measures will be understood for what they are hoping to achieve.”
“I don’t think it’s theatre to suggest that we are going to make it harder for the non-criminal to access child pornography,” Coroneos added. “I don’t really endorse the view that this is a completely worthless effort.”
The former IIA chief reiterated the organisation’s view that implementing the Interpol filter would bring Australia into line with other countries in Europe and Scandinavia. In addition, he pointed out that many technologies were devised with safety features in mind. “If people turn off the safety features, that doesn’t lead you to conclude that the safety features were of no use,” he said.
Coroneos said that those who were technically minded and able to circumvent the filter were not likely to be representative of the majority of people using the Internet. “If they wish to, they could route around the scheme, but it doesn’t invalidate it for the vast majority of Internet users,” he said.
Image credit: Delimiter
Featured, opinion/analysis, Policy + Politics - Aug 3, 2015 13:40 - 21 Comments
More In Policy + Politics
- nbn project to hire 4,500 more staff
- Google ploughs $1m into Australian tech education
- Four months later, data retention funding model still incomplete
- Less talk, more action: Entrepreneur tells ‘Labor for Innovation’
- Bronny Copter is here to save us from Bishop’s Choppergate
Enterprise IT, News - Aug 3, 2015 16:03 - 1 Comment
More In Enterprise IT
- [ad] Tatts Group optimises business performance with StruxureWare software
- Legacy health software lands SA Govt in court
- Microsoft wants to win you back with Windows 10
- Qld Govt Depts have no disaster recovery plan
- ASD releases Windows 8 hardening guide
Industry, News - Aug 3, 2015 15:25 - 2 Comments
More In Industry
- SkyMesh offers symmetric 100/100Mbps NBN
- ICAC to investigate NSW TAFE ICT manager
- iiNet shareholders vote ‘yes’ for TPG buyout
- iiNet chairman “proud” as TPG sell-out looms
- Kotaku alleges abuse, gross staff neglect at retailer EB Games
Consumer Tech, News - Jul 29, 2015 17:14 - 11 Comments
More In Consumer Tech
- Older Australians embracing video games
- Gasp … Qld will fuel electric vehicle charging stations with solar
- Oops … Tesla enthusiast charges car on Qld windfarm
- Netflix Australia: Review
- RAC builds electric vehicle highway in WA