Original URL: http://www.theregister.co.uk/2007/08/11/australia_gov_internet_protection/

Australia declares war on net porn

Filter this!

By Sûnnet Beskerming

Posted in Broadband, 11th August 2007 01:36 GMT

Within the last 24 hours the Australian Commonwealth Government announced that they would be spending AUS$189m (US$162m) on a range of packages and programs designed to protect Australian Internet users against all that the Internet has to offer, under the name Netalert.

With increasing increasing coverage by the Australian media, it is worthwhile to investigate what the features of the proposed scheme actually are, and whether they have any chances of working.

While the $189m is not being immediately assigned to the effort, and reflects a number of endeavours under the guise of protecting Australians against Internet nasties, there are some critical problems with the approach that the Government is taking.

Among the list of projects that have been earmarked for the money are:

During a streaming video presentation to the largest pentacostal evangelical church in Australia (Hillsong), an Assemblies of God megachurch, Prime Minister John Howard outlined several measures that would immediately appeal to the conservative (ultra-conservative?) audience. These included provision of Internet filters and efforts to block pornography at upstream providers by working with ISPs.

More than 700 other Christian assemblies were linked into the address, which meant that more than 100,000 were Australians watching the presentations. The leader of the Opposition, Kevin Rudd, also joined in on providing a presentation to the assembled masses. This inclusion suggests that if the party in government changes at the next Federal election (later this year) then the Plan will stay in place (Labor have actually been ridiculed in the past for their ideas about what it means to protect Australian Internet users).

Probably the most effective way that the money is going to be spent will be to improve funding for various online investigative measures being carried out by The Australian Federal Police such as efforts to detect and investigate online predators. This may not be all that effective, though, with the AFP not being well-known for its ability to keep up with, adequately identify, and understand Internet based threats.

Despite the difficulty of correctly being able to identify online predators, something that the social networking companies and other interest groups are already struggling with (do you share a name or a birth date with a known predator? If you do, don't go online...), money will still be poured after it.

Several million dollars to knock the stupid predators offline might be considered a good investment by some.

One of the ironic measures being proposed is a bucket of money to establish a working group to find ways around the privacy laws and measures that are effectively protecting predators, presumably to make arrest and prosecution easier. If the laws and measures that protect predators are so effective, what is the $189m needed for, again? Why don't those measures work for those we are supposed to protect?

Even though there are known problems with blacklists, money will go towards expanding such a blacklist of nasty sites that Australians aren't supposed to see. If it were the United States, it would be considered part of the argument about net neutrality and what it means to be designated a 'Common Carrier', though there are probably a number of Australian ISP customers secretly pleased that they might get to sue their ISP for allowing them to view nasty content (the Government was supposed to stop it, right?).

The effectiveness and speed with which malicious content can be placed on 'trusted' sites through blended attacks makes all of these efforts almost worthless. Any impartial observer who noted the big trends at recent Information Security conferences would have been able to identify this pattern in an instance.

A hotline to help families install the Internet filtering software being provided will presumably join the National Security Hotline as a widely derided black hole of funds, with limited usefulness (if VCR clocks are taken as a precedence, then the helpline is probably going to be staffed by the very children that the filters are meant to stop looking at nasty material).

While voices against the measures have largely focussed on the choice of audience (Christian conservative), it should not be forgotten that there will be criticism from those in the technical community who understand the sorts of threats and problems that are trying to be faced by the measures.

With fairly strong support for the measures from those who watched the presentations, ranging from those who are supportive of measures to help them limit what they and their children can see online to those supportive of the additional resources to hunt down online predators.

Countering this is the argument that parents should not expect the State to do their parenting for them if they are unwilling to. No one is arguing against extra resources to track, identify, and prosecute predators - so long as law enforcement get it right. The amount of money being thrown at the problem has raised some objections, though.

Others have pointed out the abject failure of filtering software to deal with health resources like breast cancer awareness and support groups, breast feeding information, and the heavy handed treatment of sites that push information and opinions that the filtering companies object to (consider how various Left and Right blogs / news sources are treated by different filtering programs). Others have pointed to the inability of filters to keep up with the ability of those with malicious intent to change the location and presentation of their 'objectionable material'.

At the end of the day, any teenager or young child that is adept enough to intentionally seek out the content that this scheme is designed to suppress will have the ability to sidestep the protection mechanisms implemented by the program.

This article originally appeared at Sûnnet Beskerming

© 2007 Sûnnet Beskerming Pty. Ltd

Sûnnet Beskerming is an independent Information Security firm operating from the antipodes. Specialising in the gap between threat emergence and vendor response, Sûnnet Beskerming provides global reach with a local touch.