30 Minutes To Crack 84$ Million Porn Filter

[Cpl Kendall]

Herald Sun

A MELBOURNE schoolboy has cracked the Federal Government's new $84 million internet porn filter in minutes.

Tom Wood, 16, said it took him just over 30 minutes to bypass the Government's filter, released on Tuesday.

Tom, a year 10 student at a southeast Melbourne private school, showed the Herald Sun how to deactivate the filter in a handful of clicks.

His technique ensures the software's toolbar icon is not deleted, leaving parents under the impression the filter is still working.

A former cyber bullying victim, Tom feared a computer-savvy child could work out the bypass and put it on the internet for others to use.

Tom, who spoke to Communications Minister Helen Coonan about cyber safety during a forum in May, said the Federal Government should have developed a better Australian made filter.

"It's a horrible waste of money," he said.

"They could get a much better filter for a few million dollars made here rather than paying overseas companies for an ineffective one."

In response to the Herald Sun's , inquiries the Government added an Australian designed filter, Integard, to the website yesterday, which Tom cracked within 40 minutes.

Senator Coonan said the Government had anticipated children would try and find ways to get around the NetAlert filters, and suppliers were contracted to provided continuing updates.

"The vendor is investigating the matter as a priority," Senator Coonan said.

"Unfortunately, no single measure can protect children from online harm and . . . traditional parenting skills have never been more important."

Family First Senator Steve Fielding, a long-time campaigner for cyber safety, said cracking the software showed the need for compulsory filtering by internet providers.

"You need both. You need it at the ISP and at the PC level," Senator Fielding said.

"The Government has not listened to common sense and it leaves kids exposed."

The filters are designed to stop access to sites on a national blacklist, bar use of chat rooms, and can be tailored by parents to stop access to sites.

Tom stressed the filters were missing the mark by a long way regardless of how easy they were to break.

"Filters aren't addressing the bigger issues anyway," he said. "Cyber bullying, educating children on how to protect themselves and their privacy are the first problems I'd fix.

"They really need to develop a youth-involved forum to discuss some of these problems and ideas for fixing them."

The $189 million NetAlert scheme includes $84.4 million for the National Filter Scheme, plus funding for online policing, a help line, and education programs.

The Government will also offer the option of filtering by internet service providers.

Under its filter program, households can download the filter from netalert.gov.au or have it sent out on to them.

Well that's money well spent. I hope they sue the developer and the company fires the testers.

[B4UTRUST]

What people seem to fail to realize is that children are infinitely smarter on computers now then adults. Your average child is better then you are on computers. They'll figure a way around it all.

Also, the software is made and designed by humans. There is never going to be a perfect security software out there. For every new innovation in digital security, someone has already figured out how to bypass it.

[Cpl Kendall]

Yes, most teens can circumvent a firewall or net nanny pretty easily. To quote a user from another board "never send software to do a parents job". They should hire this kid as a tester though.

[B4UTRUST]

You want a good group of testers, send a rep to DefCon and install the software on the LAN. If it takes more then five minutes to break the software then you've got a good product.

I say this as a attendant of DefCon and having been on the LAN of Doom. There is no such thing as a safe system there. It is considered the world's most hostile network ever. If it survives DefCon it'll survive anything.

[SirNitram]

You want a good group of testers, send a rep to DefCon and install the software on the LAN. If it takes more then five minutes to break the software then you've got a good product.

I say this as a attendant of DefCon and having been on the LAN of Doom. There is no such thing as a safe system there. It is considered the world's most hostile network ever. If it survives DefCon it'll survive anything.

Has anything survived the full DefCon?

[B4UTRUST]

*thinks* No, not that I recall from the times I went. And not that I've ever heard reported. You're talking about the most dangerous digital domain in the history of computing. Nothing is safe, nothing is sacred, nothing is secure. It's half the reason my computer and network is so paranoid.

But the point still stands. If it can survive Defcon for a few minutes it'll resist the attempts of anyone who isn't a techno-savy programmer or incredibly clever. So basicly even your average teenager net-nanny bypasser would have difficulty with it.

[Destructionator XV]

Filtering should be done at a different level - perhaps the home's link to the Internet itself, which of course, necessitates custom hardware, but it would be harder to break.

This custom hardware should be able to answer random, encrypted queries from the ISP to ensure it is valid, so simply replacing it with a standard modem fails.

This locks out the parents too, but if they can get in, the kids can too.

This could be broken, but it would take a hell of a lot more skill than anything client side.


But, here's the real problem: how do you differentiate blocked sites from acceptable sites? Blacklists can't get it all, and matching algorithms are often inaccurate.



(Or, just the ideal answer is to just accept the pr0n and stop fighting it, but blocking it is still a fascinating technical challenge... and one that is apparently quite profitable even if incompetent.)

[Cpl Kendall]

Personally I'm not to concerned about porn, I'm worried about net predators. Which is why my childrens net access is supervised.

[Destructionator XV]

I don't think a porn filter will help much with the predators anyway. Your solution of keeping an eye on them (surely coupled with teaching them) is probably the only reliable method.

[Cpl Kendall]

I don't think a porn filter will help much with the predators anyway. Your solution of keeping an eye on them (surely coupled with teaching them) is probably the only reliable method.

That's pretty much what we do. The only thing they do is chat with their grandparents and uncle on MSN and occasionly use the Seasame Street website (their only 6 and 4) so at this point we're really just establishing good habits.

[frigidmagi]

(Or, just the ideal answer is to just accept the pr0n and stop fighting it, but blocking it is still a fascinating technical challenge... and one that is apparently quite profitable even if incompetent.)

The idea here to give parents some means of keeping their kids from going to websites they don't approve of. Also, school computers shouldn't be used to access porn. I'm not being anti-porn here, I'm just saying there's a time and a place for it. The school library is not the place to look up porn sites. Also there are some truly vile porn sites out there I'm not so sure are healthy for adults(if you really want to know use the PMs, some things should not be discussed in public) much less children. Of course teens can break it, big deal, part of being a teenager is trying to break the rules, if in the distant future when I am father all my teens are doing is breaking web filters to look up dirty smut, then I will be damn relieved.

I would say there is a valid and damn well needed use for a net filter.