AusCert 2010: Australian net filter doomed
- 18 May, 2010 15:03
Renowned security expert, Marcus Ranum, has declared Australia's Internet content filter will fail to combat child porn and may not get off the ground.
He said child pornography is often behind protected servers that are out of the reach of the government's classification processes, and exist only for a short moment.
"Sellers of child porn will find an open website, jack it, and put a VNC (Virtual Network Computer) server on it and sell the credentials to someone they know wants access," Ranum told Computerworld Australia at AusCert 2010 security event being held in Queensland this week.
"I am against censorship of any kind, but I'm also against child porn which is wrong if anything is wrong.
"But blocking freedom of speech has always become censorship of people's ability to protest."
Ranum said Internet content filters were used to censor and track political dissidents in Iran following the country's election last year.
However, while he would not support the kind of content filter the Federal Government is planning to implement, he conceded Internet content filtering can be considered a legitimate tool of nation-state security in as much as it builds similar controls around communication to those that bind immigration and trade .
He went on to add law enforcement agencies can use content filters to identify people who access blacklisted sites, using Baysian filters or series of MD5 hashes "mashed against the blacklist database".
"Someone attempts to look up a child porn website. The [content filters] would do a URL lookup and a fetch against a Baysian classifier which is tied to a codex of naughty websites. If the URL is a high proity [on the classifier] it is blocked, and if it is in the grey zone, then it goes to the police," Ranum said.