nettime's_AND_gate on Sat, 11 Mar 2000 23:02:01 +0100 (CET)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> McCullagh (x2): reverse engineering CyberPatrol4




 Date: Sat, 11 Mar 2000 08:44:31 -0800 (PST)
 From: Declan McCullagh <declan@well.com>
 Subject: FC: Activists reverse CyberPatrol 4, reveal zany secret "blacklist"

     [orig to <politech@vorlon.mit.edu>]

This work is brilliant. Kudos to Jansson and Skala.

Now, blocking software being overzealous and buggy is nothing new. This
article is four years old, and still timely:

http://www.eff.org/pub/Publications/Declan_McCullagh/cwd.keys.to.the.kingdom.0796.article

But it's somewhat surprising that CyberPatrol hasn't cleaned up its act
since being embarrassed so throughly back then.

-Declan


---------- Forwarded message ----------
Date: Sat, 11 Mar 2000 11:38:18 -0500
From: mskala@ansuz.sooke.bc.ca
Subject: Cyber Patrol 4 reversed

March 11, 2000 - ANNOUNCEMENT

Cyber Patrol(R) 4, a "censorware" product intended to prevent users from
accessing undesirable Internet content, has been reverse engineered by
youth rights activists Eddy L O Jansson and Matthew Skala.  A detailed
report of their findings, titled "The Breaking of Cyber Patrol(R) 4", with
commentary on the reverse engineering process and cryptographic attacks
against the product's authentication system, has been posted on the World
Wide Web at this address:

    http://hem.passagen.se/eddy1/reveng/cp4/cp4break.html

The abstract of the report:

    Several attacks are presented on the "sophisticated anti-hacker
    security" features of Cyber Patrol(R) 4, a "censorware" product intended
    to prevent users from accessing Internet content considered harmful.
    Motivations, tools, and methods are discussed for reverse engineering
    in general and reverse engineering of censorware in particular. The
    encryption of the configuration and data files is reversed, as are the
    password hash functions. File formats are documented, with commentary.
    Excerpts from the list of blocked sites are presented and commented
    upon. A package of source code and binaries implementing the attacks
    is included.

Eddy L O Jansson
srm_dfr@hotmail.com
http://hem.passagen.se/eddy1/index.html

Matthew Skala
mskala@ansuz.sooke.bc.ca
http://www.islandnet.com/~mskala/

     [politech footer omitted, see bottom of digest]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Date: Sat, 11 Mar 2000 09:15:44 -0800 (PST)
 From: Declan McCullagh <declan@well.com>
 Subject: FC: What CyberPatrol doesn't want you to see

     [orig to <politech@vorlon.mit.edu>]

So I took a look through the CyberNOT list and was pleasantly unsurprised 
by the program's zaniness, idiocy, and sheer lunacy. Incompetence and 
prudishness are still alive and well in the censorware industry!

To be fair to CyberPatrol, the bulk of the verboten-links are sexually 
explicit, or at least may have been at some point in the last five years. 
But parents and libraries might want to think twice about installing 
something that can't tell a quilting club from sexybabes.com.

For instance, CyberPatrol blocks all student organizations at Carnegie 
Mellon University, including (you guessed it) the Carnegie Threads quilting 
club, ultimate frisbee, volleyball, and robotics clubs:
   http://loiosh.andrew.cmu.edu/org/ (Sexual Acts / Text, Intolerance)

For no apparent reason, it blocks the entire corporate site of Golden West 
Companies ("serving the communications needs of South Dakotans for over 40 
years"):
   http://goldenwestcom.virtdomain.nortel.net/

What Usenet newsgroups Cyberpatrol's morality crusaders find objectionable 
is arguably even more interesting. For instance, journalism discussions are 
off-limits because of "intolerance," which might be a just criticism of 
some corners of the industry, but certainly doesn't seem enough to ban 
discussions of newsgathering:

alt.journalism:
alt.journalism.music:
alt.journalism.newspapers:
alt.journalism.print:
alt.journalism.photo:
alt.journalism.freelance:
alt.journalism.moderated:

Some others include discussions of Philip K. Dick's science fiction 
(alt.books.phil-k-dick is sorted into drug/drug culture), feminism, Jungian 
psychology, food, Chinese culture, and chess and bridge.

More info:
   http://www.politechbot.com/p-00994.html
   http://www.politechbot.com/cgi-bin/politech.cgi?name=censorware
   http://www.politechbot.com/cgi-bin/politech.cgi?name=loudoun

-Declan

alt.abuse-recovery:
alt.answers:
alt.cybercafes:
alt.feminism:
alt.feminism.individualism:
alt.multimedia.toolbook:
alt.multimedia.director:
alt.psychology.personality:
alt.psychology.help:
alt.psychology.person:
alt.psychology:
alt.psychology.jung:
alt.psychology.adlerian:
ba.motss (same-sex issues and discussions)
fj.rec.food:
fj.soc.culture.chinese:
misc.activism.progressive:
news.groups.reviews:
news.groups.questions:
news.groups:
ont.general:
princeton.general:
rec.games.chess.analysis:
rec.games.chess.misc:
rec.games.pinball:
rec.games.backgammon:
rec.games.board:
rec.games.bridge:

--------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
--------------------------------------------------------------------------

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net