Black, greylists wrong approach to net filtering: Analyst

Security expert says ever-growing blacklists will never keep up, and filtering funds should be redirected to AFP’s Online Child Sex Exploitation Team

An information security expert claims the government has the wrong approach to Internet filtering, and should focus on protecting Australians from technical risks rather than content.

IBRS information security advisor, James Turner, has setup the Web site to lobby Australian ISPs to provide a safer Internet feed cleansed of known malicious content, like spam and viruses.

Turner claims the government, which has invited telcos to test the filtering technology over Christmas, should follow the lead of security vendors who are largely giving up on blacklisting viruses.

“The problem with using blacklists is that you always have to go back to your supposedly omniscient database and compare every instance of a new site to the entire database of all that you know to be bad,” he said.

“This is just bad engineering because there are two massive problems with this architecture: Firstly, you can never keep the database current; and secondly it will only ever grow because that is how a blacklist works.

“In the IT security world even the software vendors are now realising that we cannot just keep on building a blacklist of all the viruses, because the list cannot ever shrink, it will only ever grow, and it will always be out of date,” he said.

Anti-virus products have for years been known to incorrectly block legitimate programs because the anti-virus tool thought it was behaving maliciously.

“But if we extrapolate to the idea of content, where so much is subjective, then what hope do we have of ever having a blacklist which works?” he asked.

With ICANN’s proposal to add thousands of new top level domains (TLDs), NetChoice executive director, Steve Delbianco, said it would create a monster headache for the Australian Communications and Media Authority (ACMA), charged with maintaining the “illegal” blacklist and so-called “inappropriate” greylists of content to be blocked.

“With thousands of TLDs, it only makes the maintenance of that list that much more difficult to keep up with. You can imagine the department in Canberra scouring the Internet everyday for pages that have just come up which fit into the greylists or even the blacklist,” he said.

Technically, Delbianco said a single blacklist of illegal content should and could be implemented without impacting performance. His concern is the proposal for additional "grey" lists of “inappropriate” content that could be unique to each and every household in Australia.

“The ISP has to first verify which household it’s coming from, then go and check their database to see which lists this house has selected, then check the page against those lists. This is for every page retrieval, every link, for every household,” he explained. “That is going to impact performance.”

Delbianco said this will create a technical nightmare, but the more frightening prospect is the litigation and controversy surrounding whether something belongs on the list or doesn’t.

As a parent of two young boys, he feared other parents would not take an active enough role in managing their children online and would use the lists as an easy replacement to vigilant monitoring of their children's activities.

“NetChoice works so hard to protect kids from bad content and bad people, and patently illegal content ought to be blocked,” he said.

“What concerns us is the slippery slope to multiple shades of optional greylists, each customised and with vested interests. I would say it’s a slippery slope, but it feels more like a cliff. You have categorised and stigmatised content, and made it trivial for a parent or an employer to check the box and block all of it.”

Turner said filtering technology should only be filtering for technical problems, like spam and viruses, and that using technology to block content is a mismanagement of government resources.

“The Electronic Frontiers Association have rightly pointed out that it’s simply impractical to review, classify and then block every site which contains illegal content. A much smarter way of going about things is to let people surf the Internet, but keep an eye on the known sites of concern and monitor who goes there and what they do,” he said.

“The best way to combat serious problems like child pornography is to get the Australian Federal Police (AFP) to infiltrate paedophile rings that share their content and run sting operations. Content filtering will be a waste of money because it’s trying to use technology to fix a people problem. This is why the AFP has its Online Child Sex Exploitation Team. If the government was truly interested in protecting our children it would boost the funding of this initiative by several orders of magnitude.”

Join the PC World newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Australian Federal PoliceIBRSNetChoiceACMA

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?