Does the End Justify the Means?

[InfoSec News <isn () c4i org>]

http://www.wired.com/news/politics/0,1283,58082,00.html

By Patrick Di Justo  
March 18, 2003

If you can read this, you're probably not in Myanmar. 

That country's military junta has blocked Internet access to Wired 
News, as well as to most porn sites and to the website of the Free 
Burma Coalition. 

If you're in China or Saudi Arabia, you'll have a hard time viewing 
anti-government websites and Internet porn. And if you're surfing the 
Net from one of 40 percent of the libraries or schools in the United 
States, don't expect access to websites hosted on Tripod or Geocities. 

The University of Toronto's Internet Censorship Explorer permits 
anyone with a Web browser to test the limits of certain national and 
organizational Internet-blocking schemes. Users simply enter a target 
URL and a country into a search field on the Censorship Explorer's 
website. The software then scans the ports of available servers in 
that country, looking for open ones. By using the foreign computer as 
a proxy server, ICE then attempts to visit the target URL from behind 
that country's firewall. The result is either the visible website or a 
"page blocked" message is then returned to the user. 

Project director Ronald Diebert knows that by using port-scanning 
technology, he's operating in a gray area. 

"Network security administrators often look upon port scanning as 
surface evidence of malicious hacking," he said. "However, port 
scanning alone is not a crime in Canada or the United States." 

His use of proxy servers is a bit more controversial, he said. "We do 
not have explicit prior permission to use the computers. However, we 
are assuming that if a port is left open, it is intended to be used as 
a proxy and is configured as such." 

Computer security professionals, though, do not look kindly at that 
assumption. 

"This to me is no different than hacking," said Jon Asdourian, a 
computer forensics examiner with Stroz-Friedberg. "They're obviously 
using resources that would not normally be available. Using someone 
else's resources without their knowledge is abhorrent to us." 

Richard Mason, director of the Maguire Center for Ethics at Southern 
Methodist University, said that the issue is murky. "They're asking an 
ethical question of censorship within a country, which is a good 
thing. On the other hand there's an element of deception to it." 

Diebert defends the project as being for the greater good. "We do not 
intend to use these tools to damage or steal data, or reveal 
information about system vulnerabilities. Our aim is to empirically 
study Internet content filtering, and this is the only way it can be 
done without partners on the ground." 

Diebert has written a six-point statement of principles that all his 
researchers must follow. They are absolutely forbidden to damage the 
proxy servers they find open. Deibert has also let the computer 
administrators at the University of Toronto know about the project. 

"I feel strongly about the value of this type of research," Diebert 
said. "Uncovering censorship and surveillance practices is fair game." 

Using ICE, Diebert and his team have discovered that pornography and 
government criticism are the subjects most frequently blocked by 
non-democratic countries. China's blocking techniques keep out 
everything from Playboy.com to Friends of Falun Gong to the Dalai 
Lama's website. 

Chinese officials insist such techniques do not amount to censorship. 

"We don't have censorship of the Internet," said Larry Wu, second 
secretary for Science and Technology at the Embassy of the People's 
Republic of China in Washington. "Generally, the Chinese government is 
for the full exchange of information. We have full freedom of speech, 
freedom of the press. However, we have our own understanding of what 
is a limitation of the freedom of speech. So we do use techniques to 
block certain websites, as well as we try to block spam." 

Nail Al-Jubier, a spokesperson for the Embassy of the Kingdom of Saudi 
Arabia, admits that his government regulates Internet access. 

"The overwhelming number of blocked sites are pornography," Al-Jubier 
said. "Some websites that are deemed un-Islamic -- those that promote 
violence -- are blocked because of the standards of the community. 
Some parents don't want their children going online if these are the 
things they can see." 

Al-Jubier denies that Saudi Arabia blocks sites deemed politically 
objectionable, but admits that sometimes mistakes happen. "One time 
Fox News was blocked and we didn't know why, but we manually unblocked 
(it)." 

He added that Saudi citizens who want to avoid the government Net 
censorship can always dial up through America Online to Bahrain or 
Dubai. 

Diebert has plans to modify his Internet Censorship Explorer so it 
operates as a distributed computing-type project, like SETI@Home, that 
would let Internet users worldwide search for and find available proxy 
servers in target countries. He plans to keep ICE running "as long as 
there is Internet censorship and surveillance worldwide." 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.