[ISN] Does the End Justify the Means?

From: InfoSec News (isnat_private)
Date: Tue Mar 18 2003 - 05:37:23 PST

  • Next message: InfoSec News: "[ISN] Linux Security Week - March 17th 2003"

    By Patrick Di Justo  
    March 18, 2003
    If you can read this, you're probably not in Myanmar. 
    That country's military junta has blocked Internet access to Wired 
    News, as well as to most porn sites and to the website of the Free 
    Burma Coalition. 
    If you're in China or Saudi Arabia, you'll have a hard time viewing 
    anti-government websites and Internet porn. And if you're surfing the 
    Net from one of 40 percent of the libraries or schools in the United 
    States, don't expect access to websites hosted on Tripod or Geocities. 
    The University of Toronto's Internet Censorship Explorer permits 
    anyone with a Web browser to test the limits of certain national and 
    organizational Internet-blocking schemes. Users simply enter a target 
    URL and a country into a search field on the Censorship Explorer's 
    website. The software then scans the ports of available servers in 
    that country, looking for open ones. By using the foreign computer as 
    a proxy server, ICE then attempts to visit the target URL from behind 
    that country's firewall. The result is either the visible website or a 
    "page blocked" message is then returned to the user. 
    Project director Ronald Diebert knows that by using port-scanning 
    technology, he's operating in a gray area. 
    "Network security administrators often look upon port scanning as 
    surface evidence of malicious hacking," he said. "However, port 
    scanning alone is not a crime in Canada or the United States." 
    His use of proxy servers is a bit more controversial, he said. "We do 
    not have explicit prior permission to use the computers. However, we 
    are assuming that if a port is left open, it is intended to be used as 
    a proxy and is configured as such." 
    Computer security professionals, though, do not look kindly at that 
    "This to me is no different than hacking," said Jon Asdourian, a 
    computer forensics examiner with Stroz-Friedberg. "They're obviously 
    using resources that would not normally be available. Using someone 
    else's resources without their knowledge is abhorrent to us." 
    Richard Mason, director of the Maguire Center for Ethics at Southern 
    Methodist University, said that the issue is murky. "They're asking an 
    ethical question of censorship within a country, which is a good 
    thing. On the other hand there's an element of deception to it." 
    Diebert defends the project as being for the greater good. "We do not 
    intend to use these tools to damage or steal data, or reveal 
    information about system vulnerabilities. Our aim is to empirically 
    study Internet content filtering, and this is the only way it can be 
    done without partners on the ground." 
    Diebert has written a six-point statement of principles that all his 
    researchers must follow. They are absolutely forbidden to damage the 
    proxy servers they find open. Deibert has also let the computer 
    administrators at the University of Toronto know about the project. 
    "I feel strongly about the value of this type of research," Diebert 
    said. "Uncovering censorship and surveillance practices is fair game." 
    Using ICE, Diebert and his team have discovered that pornography and 
    government criticism are the subjects most frequently blocked by 
    non-democratic countries. China's blocking techniques keep out 
    everything from Playboy.com to Friends of Falun Gong to the Dalai 
    Lama's website. 
    Chinese officials insist such techniques do not amount to censorship. 
    "We don't have censorship of the Internet," said Larry Wu, second 
    secretary for Science and Technology at the Embassy of the People's 
    Republic of China in Washington. "Generally, the Chinese government is 
    for the full exchange of information. We have full freedom of speech, 
    freedom of the press. However, we have our own understanding of what 
    is a limitation of the freedom of speech. So we do use techniques to 
    block certain websites, as well as we try to block spam." 
    Nail Al-Jubier, a spokesperson for the Embassy of the Kingdom of Saudi 
    Arabia, admits that his government regulates Internet access. 
    "The overwhelming number of blocked sites are pornography," Al-Jubier 
    said. "Some websites that are deemed un-Islamic -- those that promote 
    violence -- are blocked because of the standards of the community. 
    Some parents don't want their children going online if these are the 
    things they can see." 
    Al-Jubier denies that Saudi Arabia blocks sites deemed politically 
    objectionable, but admits that sometimes mistakes happen. "One time 
    Fox News was blocked and we didn't know why, but we manually unblocked 
    He added that Saudi citizens who want to avoid the government Net 
    censorship can always dial up through America Online to Bahrain or 
    Diebert has plans to modify his Internet Censorship Explorer so it 
    operates as a distributed computing-type project, like SETI@Home, that 
    would let Internet users worldwide search for and find available proxy 
    servers in target countries. He plans to keep ICE running "as long as 
    there is Internet censorship and surveillance worldwide." 
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Mar 18 2003 - 08:19:59 PST