I hear the government is going to introduce a mandatory internet filter that will filter what you can access, in effect they only allow you access sites they say you can access..Pretty scary stuff as the list of banned sites will not be viewable by anyone other than ACMA (Australian Communications and Media Authority) Sites rumoured to be banned will be The Pirate Bay, mininova, Demonoid and 4chan..No doubt this will be expanded greatly to include any site that goes against government policy..

So what do people think should our internet be filtered even though the ISP's are saying it will be technically impossible to do so without degrading speeds and the fact it will make it impossible to catch people doing illegal things on their PC as they will quite easily circumvent the filter..

Not to mention that some people are saying the filter will make all login/passwords for online banking, ebay, paypal transactions viewable by someone at the ISP as it passes through the filter..

Chairman K rudd and his comrades advisedthis preelection....its to save the kids :2tsup:. Must be getting the nod from his chinese masters
Pete

Passwords, banking etc can not be viewed as they are encrypted.

Sites will become encrypted and bypass the filters with a simple browser plugins.

Sites will appear faster than they can be banned.

The pollies will claim to be doing good but nothing will change.
Lots of parents will reduce their monitoring of where the kids browse.

We will pay for it.:C

Passwords, banking etc can not be viewed as they are encrypted.

They break the encryption via man in the middle attacks at the ISP, put the results through the filter then re-encrypt and send on it's way...The user will get a warning that this is happening but they will most likely click the proceed button..HTTPS is filterable by the latest filters..All it would take is one dodgy employee to harvest passwords and logins..

It's not possible.

Like the fire-arms laws, it will only affect the innocent. Anyone who wants to bypass the filters could do so easily (the same as criminals aren't too fussed about having illegal guns :rolleyes:) and there's no way the govt can stop 'em short of physically disconnecting all international communications channels. (And with satellite comms, even that ain't possible anymore.)

If they could, don't you think that hackers, crackers, phishers and the like would have long been a thing of the past?

VPN's will become more commonly used. Money launderers and the like already do so. The govt may try to stop illegal downloads, but they will fail. There are a lot of clever little geeks out there.
Les

I agree with everyone's sentiments. It'll never happen - but EVEN if it did, which it won't, there are so many other ways around these 'blockages'.

The problem isn't that the filter will work but that it will cost us money and possibly send isp's out of the business, either because of the cost or fear of legal ramifications. Reduce competition, reduce discounts.

http://nocleanfeed.com/takeaction.html (http://nocleanfeed.com/takeaction.html)

If you want to protest it. They said or at least inferred before the election there would be an opt out option. In fact there is is proposed two levels of filtering, no clean feed.

Waste of time, money, and effort. Especially with satellite connections, like Skew said. And leads to a false sense of security, worst of all.

Padlocks protect us against honest folks, not the rest.

Joe

The sooner all web traffic uses high level encryption the better, anyway.

See http://en.wikipedia.org/wiki/ECHELON and
http://blog.wired.com/27bstroke6/2008/06/att-whistleblow.html

Except that in certain countries high-level encryption is not permitted for domestic use. I believe it's still illegal in Russia, Iran & Iraq. :rolleyes: I've heard that it was illegal in France, but that they've recently become more tolerant.

It ain't gonna happen anyway. For secure encryption you really need to go PGP or similar, which requires a 2-key system Can you imagine what a pain it'd be if you had to send a copy of the public key to every site you visited?

The obvious workaround would to be have established encrypted channels between servers and then the only keys that'd need swapping would be with your ISP. They'd decrypt your packets with your public key, re-encrypt it with their private one and send it on. Wash, rinse & repeat at each server.

Of course, all it takes is for the govt to mandate some anti-terrorist law forcing all local ISPs to supply the govt with their keys... and I wouldn't trust the gubmint with the keys to my car, let alone my private comms. :~

Encryption only works when only the two "secure" parties have the keys.

Except that in certain countries high-level encryption is not permitted for domestic use. I believe it's still illegal in Russia, Iran & Iraq. :rolleyes: I've heard that it was illegal in France, but that they've recently become more tolerant.

It ain't gonna happen anyway. For secure encryption you really need to go PGP or similar, which requires a 2-key system Can you imagine what a pain it'd be if you had to send a copy of the public key to every site you visited?

The obvious workaround would to be have established encrypted channels between servers and then the only keys that'd need swapping would be with your ISP. They'd decrypt your packets with your public key, re-encrypt it with their private one and send it on. Wash, rinse & repeat at each server.

Of course, all it takes is for the govt to mandate some anti-terrorist law forcing all local ISPs to supply the govt with their keys... and I wouldn't trust the gubmint with the keys to my car, let alone my private comms. :~

Encryption only works when only the two "secure" parties have the keys.

If I knew what the L that means, I might add more. I don't, so I won't.:wink::D

Joe

If I knew what the L that means, I might add more. I don't, so I won't.:wink::D

Joe
Don't worry, Joe, the 2nd last paragraph is the important one.:wink:

How will they block satellite feeds?

There are other simpler ways. Get a cheap jumping off account in a "friendly" country, encrypt to that and bounce off to wherever. Has the added benifit of making all your surfing untraceable, unless they crack your remote host. I suspect such services are available now, but would become very much more popular should this go ahead.

There are so many ways to tunnel through it it's not funny, but what is funny is a friends take on it:

If the mandatory filter blcoks all "illegal" content then if your able to download it it can't be illegal, and if it is then sue the government. :)

They are dirtying their hands with stuff they don't understand and it'll bite. Politicians! and it's illegal to shoot them...

There are other simpler ways. Get a cheap jumping off account in a "friendly" country, encrypt to that and bounce off to wherever. Has the added benifit of making all your surfing untraceable, unless they crack your remote host. I suspect such services are available now,

I have learnt that is called VPN (Virtual Private Network) and will cost you about $5 a month to set up a host in the US..

I lied. I do know a little about it. But not enough to address all of Skew's observations.

Damian's suggestion works only until there are no "friendly" countries left.

There are even simpler ways. In WW2, the US Marines employed "Code Talkers" from the Navajo tribe. No one else on Earth understood the Navajo language, and there were no written references. All very hush hush, of course, and it worked a treat. This is now public knowledge.

Graphics, including rebuses, can also be employed. Scoundrels, and non-scoundrels, have been using a voice variation of this since the invention of eavesdropping.

These two examples employ the concept of only the two secure parties. Google [steganography] for more.

And I've excluded a few other tricks.

Joe

Sorry, Joe. Actually, looking back at my other post, I didn't make my main point clearly, although I can see hints of it there. (That's what happens when the inner geek breaks free. I do try not to feed him, though. :rolleyes:)

My main point was, it's not practical to have secure encryption available for "generally surfing the 'net."

One of the rules of security is only use encryption for msgs that need it. Encrypting everythig simply gives potential crackers adequate samples and the contexts in which they're used, to make breaking the code easier.

Another is: don't automate it! Databases, etc? :no::no::no:

As soon as you get encryption in place for "general everyday surfing" then both rules are broken and there's not really much point in having the system in the first place.

We're in the same church, Skew. Just sittin' in different pews. Yeah, my inner demons break out once in a while, too.

Joe

:D

See? You can catch Aussie fish from over that side of the pond! :- It may not have been what you were trawling for, but that's fishing for ya!