Comments on: Internet Filtering Doesn’t Work http://thomasbeagle.net/2009/07/19/internet-filtering-doesnt-work/ Sun, 14 Mar 2010 08:24:24 +1200 http://wordpress.org/?v=2.9.2 hourly 1 By: anonymous http://thomasbeagle.net/2009/07/19/internet-filtering-doesnt-work/comment-page-1/#comment-23253 anonymous Tue, 29 Dec 2009 04:51:26 +0000 http://thomasbeagle.net/?p=276#comment-23253 I came to this discussion late but think it's important to point out that there are now portable Tor versions for Firefox and Opera. These are so idiot-proof that anyone able to switch on a computer can now thumb their noses at any conceivable filtering software. This makes the whole idea of censorware even more useless and absurd than it already was. Just Google for OperaTor, download, click to unzip, click the executable (operator.exe), and you are away. Everything is preinstalled for encrypted, anonymous browsing. I came to this discussion late but think it’s important to point out that there are now portable Tor versions for Firefox and Opera. These are so idiot-proof that anyone able to switch on a computer can now thumb their noses at any conceivable filtering software. This makes the whole idea of censorware even more useless and absurd than it already was. Just Google for OperaTor, download, click to unzip, click the executable (operator.exe), and you are away. Everything is preinstalled for encrypted, anonymous browsing.

]]> By: Tim http://thomasbeagle.net/2009/07/19/internet-filtering-doesnt-work/comment-page-1/#comment-5369 Tim Mon, 20 Jul 2009 19:32:45 +0000 http://thomasbeagle.net/?p=276#comment-5369 With respect to point 3 (filter entries are added manually) - it would be dangerous to assume that an automatic filter based on heuristics could safely be implemented, given the present level of heuristic technology - and especially considering point 1. It would become trivial to 'lead' such a filter into blocking certain sites, abusing the filter to deny service to sites which are legitimate. With respect to point 3 (filter entries are added manually) – it would be dangerous to assume that an automatic filter based on heuristics could safely be implemented, given the present level of heuristic technology – and especially considering point 1. It would become trivial to ‘lead’ such a filter into blocking certain sites, abusing the filter to deny service to sites which are legitimate.

]]> By: seanfish http://thomasbeagle.net/2009/07/19/internet-filtering-doesnt-work/comment-page-1/#comment-5346 seanfish Mon, 20 Jul 2009 00:40:55 +0000 http://thomasbeagle.net/?p=276#comment-5346 Not to mention the various methods entailed by #5 Colin which render the whole thing moot. I know of intermediate school children who can (for social networking, but the principle is the same) readily work around their schools' filtering. In essence we have described here a system that, at best, keeps people safe from unwittingly exposing themselves to inappropriate content and at worst (a) blocks who knows what of benefit, and (b) costs us. Not to mention the various methods entailed by #5 Colin which render the whole thing moot. I know of intermediate school children who can (for social networking, but the principle is the same) readily work around their schools’ filtering.

In essence we have described here a system that, at best, keeps people safe from unwittingly exposing themselves to inappropriate content and at worst (a) blocks who knows what of benefit, and (b) costs us.

]]> By: thomas http://thomasbeagle.net/2009/07/19/internet-filtering-doesnt-work/comment-page-1/#comment-5327 thomas Sun, 19 Jul 2009 03:48:39 +0000 http://thomasbeagle.net/?p=276#comment-5327 Hi Colin, The traffic is diverted by IP address but then the filter server has to check the request to decide whether the URL is blocked or not. It can't do this if it is encrypted. You are correct in that they could block *all* encrypted https traffic to that IP address, but that would also block interrupt legitimate sites using https on the same server (e.g. a shopping cart for). Hi Colin,

The traffic is diverted by IP address but then the filter server has to check the request to decide whether the URL is blocked or not. It can’t do this if it is encrypted.

You are correct in that they could block *all* encrypted https traffic to that IP address, but that would also block interrupt legitimate sites using https on the same server (e.g. a shopping cart for).

]]> By: Colin Coghill http://thomasbeagle.net/2009/07/19/internet-filtering-doesnt-work/comment-page-1/#comment-5325 Colin Coghill Sun, 19 Jul 2009 02:39:26 +0000 http://thomasbeagle.net/?p=276#comment-5325 Just a note on points 1 & 2. It sounded to me more that they were filtering by IP address, which would still let them block access to encrypted stuff, as long as they've somehow discovered that the place it's coming from is dodgy. The other points still stand, of course. They'd get much better value for money by hiring and training some extra police specialists in the area. Just a note on points 1 & 2. It sounded to me more that they were filtering by IP address, which would still let them block access to encrypted stuff, as long as they’ve somehow discovered that the place it’s coming from is dodgy.

The other points still stand, of course.

They’d get much better value for money by hiring and training some extra police specialists in the area.

]]>