Interesting People mailing list archives
Re: The Great Firewall of Norway
From: David Farber <dave () farber net>
Date: Tue, 13 Feb 2007 14:55:56 -0500
Begin forwarded message: From: Rich Kulawiec <rsk () gsp org> Date: February 13, 2007 2:06:47 PM EST To: "Simen E. Sandberg" <senilix () gallerbyen net>Cc: David Farber <dave () farber net>, Gunnar Helliesen <gunnar () helliesen com>
Subject: Re: [IP] Re: The Great Firewall of Norway
?The minority agrees with the majority that a measure of this type willnot give 100 percent effect, as there exists technical by-passing possibilities. Still, at the same time, this is the case for mostmeasures in the struggle against computer ciminality. Even if the effectwill not be 100 percent with a filter, it can be considerable. If one can stop most of the illegal traffic with a filter, a lot will be achieved.?
This is currently impossible. (That is, "stop[ping] most of the illegal traffic with a filter".) Phishers, identity thieves, spammers, and child pornographers -- among others -- are in control of at least 100 million systems located allover the world. (Vint Cerf estimates 140M here: http:// arstechnica.com/news.ars/post/20070125-8707.html
and a recent NYTimes article by Markoff cites a figure of 70M. Nobody knows for sure, but there seems widespread agreement that 100M is the right order of magnitude -- and it's getting worse.) Norway is not exempt from this. I've observed quite a few hijacked systems on monet.no, alfanett.no, bluecom.no, adsl.no, sbnett.no, tele2.no, catch.no, and others -- just like I have on most ISPs in most countries. These systems can be used to host web sites, provide DNS, send mail, host FTP sites, participate in P2P networks, conduct DoS attacks -- whatever their new masters want. So how, exactly, do you plan to block?You can't block based on domain: these people buy domains by the hundreds,
sometimes thousands, and change them much faster than you can update filters.You can't block by IP address, because they have their choice of many tens of millions -- including all the hijacked systems inside Norway. (Of course,
if the systems implementing the blocking are themselves hijacked...) You can't block by protocol, because those same protocols are used for lots of other things. (And even if you did, someone would just invent another protocol.) You can't block by content, because no software method is even remotely close to reliable enough and all the ones involving humans are either biased, slow, or both. Besides, it's easy enough to encrypt traffic. And so on. So let me tell you what will happen if you proceed with this proposal.It will have a temporary, minor effect. It might even help authorities find
a few of the stupider criminals. These arrests will be announced as "proving" the success of the measures. Some of them will be of innocent victims (see "Julie Amero" who may well be one here in the US) whose computers were hijacked and used without their knowledge. But within a relatively short time, none of it will matter. The people who wish to profit by providing this material will have figured out very effective ways to bypass the filters. And you'll be right back where you are today -- except you will have spent a lot of time and money to get there. You won't be "stopping most of the illegal traffic", you'll barely be stopping *any* of it. ---Rsk ------------------------------------------- Archives: http://archives.listbox.com/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- The Great Firewall of Norway David Farber (Feb 13)
- <Possible follow-ups>
- Re: The Great Firewall of Norway David Farber (Feb 13)
- Re: The Great Firewall of Norway David Farber (Feb 13)
- Re: The Great Firewall of Norway David Farber (Feb 13)
- Re: The Great Firewall of Norway David Farber (Feb 13)