ISP Filtering.
Hello, Its late here in Australia and I'm a notorious insomniac so here goes.
Internet Filteringis being sold in Australia to the public as the be-all and end-all fo making the web safe for kids. The governemnt is selling the concept that something needs to be done and is hell bent on selling this as a system that will protect children from harm by blocking access to content that will fall into four principal categories.
1. Material likely to be of use to drug users.
2. Material likely to be of use to terrorists.
3. Child Pornography
4. Unwanted material.
Bluelight will most likely be categorised under 1 and 4. HR site or not. In Australia the governemnt is relying on religious pressure groups to dismiss criticism of the policy, and are labelling people who dont support the filter as people who support child pornography.
The filter will be regulated by the AMCA which is Australias film/entertainment classification board. It is not open to public/government scrutiny and so effectively will have carte blanche over the internet connectivity of every Australian. what is the legal guidance for classification of 'unwanted material'? Well who knows but the AMCA is the same organisation that bans games with adult themes because Australia's game categorisation ratings only go up to 15+.
The proposed filter will create a two tiered internet service for every australian. A heavy duty filter that adds adult material to the list of blocked sites and services, and an opt out for adults that 'only' blocks material lsited in the categories above. No australian would have an unfiltered connection.
Technologies.
I wish to point out that only a handful of countries attempt to do what Australia is proposing. they tend to be the ones were people get shot for kissing in public, where rape victims are hung for inflaming the passions and people who attempt to protest against their countries institutions get tortured or worse.
All filter technologies attempt to prevent specified content from reaching your computer through the application 3 common methods.
1. URL Filtering
Depending upon the sophistication level of the filter, URL filtering can block content as specific as an image or page on a site, or the site itself in entirety. These are generally the easiest types of filter to get around, depending on the sophistication of the product.
2. Categorisation
Some products categorise public sites on the web and its up to an administrator to simply chose the site categories that get blocked. I consider this to be a more brutal assault on the web, but again this kind of service is easy to bypass.
3. Content filtering
Depending on the sophistication of the product this can be very difficult to get around. Content filtering can function in two ways, analyse the site and block if required, or analyse the live stream between browser and site, then dump unsuitable material. the problem with this kind of deep packet analysis is that it is incredibly inaccurate because technology does not understand context. many other sites may become inaccessible such as breast cancer awareness and so on.
Counter Measures.
There are some steps you can take to get around many kinds of filtering. They have their drawbacks most of which come down to accessibility.
1. An open secure DNS proxy/relay
These allow you to configure your browser to point to a proxy that sits outside the country which has the filtered service. all your requests are forwarded to the proxy whcih processes the request and sends it back to your browser. This can work well unless the proxy is added to the blacklist or the connnection is not encrypted. Un-encrypted connections can be read and if it can be read it can be content filtered. Please be aware that SSL secured open proxy's can be tapped using a combination of filtering and SSL relay technologies.
2. A VPN to a foreign network.
A VPN tunnel is probably the most secure method of getting around these issues especially if the encryption is greater than 256bits. A VPN joins your computer to a foreign network and makes your computer behave as though its a part of that network. All web browses apppear to orignte from the foreign network and are relayed to your computer over a secure connection that cant be filtered or viewed.
3. TOR - The Onion router.
TOR is a VPN service that is available for free. Its run by volunteers who give up their bandwidth in order to provide thousands of people with a more secure internet connection. It works by building a relay bounced around its network of globally connected computers. it will chose a random exit point in a random country and all your traffic will appear to the web site as being sourced in that foreign country (quite good fun for reading/visiting goolge in foreign languages) all traffic is relayed back to your computer via an encrypted connection. The major issue with TOR is speed, its reliant on the generosity of others. The second major issue is that it principally uses SSL to secure its connections, which may be compromised by an SSL proxy.
4. Google Cached pages.
Google cached pages also do not tend to be blocked as the material is loaded/viewed via google making it behave like a proxy. Material viewed this way may still be prone to deep packet inspection/content filter.
Anyway there you have it, I would like to see if the owners of this forum, have any ideas on how access to the site can be maintained. I hope this post helps....
