Catch issues early, fix them fast – Free trial
[ad] With GFI Cloud you can easily manage and secure your remote workforce – wherever they are, from wherever you are! The simple IT management platform includes patch management, antivirus, web protection, monitoring and remote control. Get the benefit of endpoint protection with the ease of central management. Start a free trial now.
Great articles on other sites
- Sydney Opal card travel history can be accessed by police
- NBN analysis 'like foxes reviewing the hen house': Clare
- Call made to end inflight phone ban
- Australian government undoing profit shifting clamp down: Labor
- National security law reforms
- Victorian Government calls for contributions to shape Victoria’s digital economy
- Will IBM pip Azure at the Aussie cloud post?
- Competition watchdog should break up Foxtel monopoly: Ludlam
- Susan Sly gives up on the CIO game
- Vic Labor puts its support behind mobile police
Featured, News - Written by Renai LeMay on Monday, July 4, 2011 15:21 - 46 Comments
Optus’ filter can be defeated by ‘trivial’ DNS change
The nation’s second-largest telco Optus this afternoon confirmed users would be able to defeat its implementation of a blacklist filter of sites containing child pornography merely by changing the DNS settings on their PC.
Along with Telstra, Optus has pledged to implement a voluntary filtering framework developed by the ISP industry’s peak representative body, the Internet Industry Association. The filter, which is being seen as a more moderate industry approach developed in reaction to the Federal Government’s much more comprehensive filter scheme, will see the ISPs block a “worst of the worst” list of child pornography sites generated by international police agency Interpol.
However, in a brief statement this morning, Optus confirmed industry speculation that its filter could be defeated through a minor setting change on Internet users’ PCs. “That’s correct,” a spokesperson said, when asked if users could circumvent Optus’ filter by setting their PC to use a different DNS server than the default. “It’s a feature of the Interpol list.”
The circumvention technique relies on the fact that the ISPs’ filtering scheme sees them blocking Interpol’s list of sites at the domain name layer, in a different and less complex technique to the models which have so far been proposed under the Federal Government’s much wider scheme.
Asked about the same issue, Telstra was less willing to comment than Optus. “We do not intend to explain how motivated people with technical skills can access child abuse content by circumventing blocking of the Interpol worst of list,” a spokesperson said this morning. “This would undermine our efforts to reduce the incidence of victims being publicly identified in Australia.”
Telstra’s filter went live late last week, while Optus’ will be implemented over the forthcoming weeks. Other ISPs have not yet clarified whether are definitely planning to implement the IIA’s framework, although several have specified they will cooperate with legal requirements if necessary.
Responding to Optus’ revelation of the ease of circumventing its Interpol filter, Electronic Frontiers Association spokesperson and board member Stephen Collins said he had to wonder why Optus would even bother with the filtering system. “With such a trivial circumvention, Optus’ implementation of this block list is worse than ineffective, it’s also misleading on a grand scale,” said Collins.
“Nobody will be protected from criminals by this, and worse, for those customers who believe they are protected, their kids or anyone else using their internet connection will bypass this with less than 30 seconds effort. Optus should be ashamed of themselves; first for implementing this list and trying to have their customers believe it would work and second for doing such a half-baked job.”
Last week, Collins labelled the IIA’s blacklist approach as “security theatre”, a term coined by US security consultant Bruce Schneier to describe a security approach intended to provide the feeling of improved security — despite a lack of actual measures that will impact security outcomes in practice.
“Our recent comments as to this move being security theatre hold even more strongly now,” said Collins today.
After hearing of Optus’ implementation, however, the IIA defended its scheme. In a phone interview this afternoon, former IIA chief executive Peter Coroneos — who finished up in the role last week but is still acting as a spokesperson on the Interpol scheme — defended the organisation’s framework.
“If someone’s determined to get to child porn websites, then they will get there … this has never been positioned as an absolute solution in all cases,” the executive said. “But people need to be aware that if they are going to actively go and search out child pornography on the Internet, they do so at some legal risk. The steps that industry are taking here not to prevent the determined criminal, but for everyone else, we think the measures will be understood for what they are hoping to achieve.”
“I don’t think it’s theatre to suggest that we are going to make it harder for the non-criminal to access child pornography,” Coroneos added. “I don’t really endorse the view that this is a completely worthless effort.”
The former IIA chief reiterated the organisation’s view that implementing the Interpol filter would bring Australia into line with other countries in Europe and Scandinavia. In addition, he pointed out that many technologies were devised with safety features in mind. “If people turn off the safety features, that doesn’t lead you to conclude that the safety features were of no use,” he said.
Coroneos said that those who were technically minded and able to circumvent the filter were not likely to be representative of the majority of people using the Internet. “If they wish to, they could route around the scheme, but it doesn’t invalidate it for the vast majority of Internet users,” he said.
Image credit: Delimiter
Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments
More In Enterprise IT
- Qld’s Grant joins analyst firm IBRS
- Westpac dumps desk phones for Samsung Android mobiles
- Ministers’ cloud approval lasted just a year
- WA Govt can’t fund school IT upgrades
- Turnbull outlines Govt ICT vision
Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments
More In Telecommunications
- Telstra gets $150m for NBN FTTN trial
- How Australia got online 25 years ago
- Palmer pushes for minimalist NBN policy
- NBN debate heats up at IEEE conference
- Spirit deploys 200Mbps FTTB to Southbank
Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments
More In Industry
- ABC tech reporter founds micro-transactions startup
- Australia’s got ICT talent: So how do we make the most of it?
- ‘Thriving’ Aussie tech incubator scene a ‘mirage’
- Corporate highs: The US P-TECH model for schools in Australia?
- Facebook wants to hide its Australian earnings
Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments
More In Digital Rights
- “Rational debate” needed around surveillance
- Web blocking technically impossible: iiNet reminds Govt of undisputed fact
- We like e-readers – but library users are still borrowing books
- Coalition, Labor support new surveillance laws
- Anti-piracy laws will increase piracy, says Budde