Interesting People mailing list archives
] France blocks online c-porn, terrorism, racism
From: David Farber <dave () farber net>
Date: Tue, 10 Jun 2008 14:21:50 -0700
________________________________________ From: Steven M. Bellovin [smb () cs columbia edu] Sent: Tuesday, June 10, 2008 4:44 PM To: David Farber Subject: Re: [IP] France blocks online c-porn, terrorism, racism Ironically, attempts by providers to block access to a class of sites can backfire. Richard Clayton showed how to use one ISP's blocker as an oracle to compile lists of banned sites. The paper is at http://www.cl.cam.ac.uk/~rnc1/cleanfeed.pdf; here's the abstract: Three main methods of content blocking are used on the In- ternet: blocking routes to particular IP addresses, blocking specific URLs in a proxy cache or firewall, and providing invalid data for DNS lookups. The mechanisms have different accuracy/cost trade-offs. This paper ex- amines a hybrid, two-stage system that redirects traffic that might need to be blocked to a proxy cache, which then takes the final decision. This promises an accurate system at a relatively low cost. A British ISP has deployed such a system to prevent access to child pornography. However, circumvention techniques can now be employed at both system stages to reduce effectiveness; there are risks from relying on DNS data supplied by the blocked sites; and unhappily, the system can be used as an oracle to determine what is being blocked. Experimental results show that it is straightforward to use the system to compile a list of illegal websites. ------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- ] France blocks online c-porn, terrorism, racism David Farber (Jun 10)