[clug] OT: Protesting the proposed clean feed?

Sunnz sunnzy at gmail.com
Wed Oct 22 14:13:40 GMT 2008

2008/10/22 Robert Edwards <bob at cs.anu.edu.au>:
> What is our "best practice" for home Internet filtering?
> Looking forward to hearing what others may have done.

Hmm, I am just a student here, no kids for me (yet)... but I do have
filtering set up at home, for my parents, mainly to block ads, it does
speed up the web, and block 'rot sites', like goatse or whatever that
is called... it is done using just Squid with a very simple wget in a
cron job to get a list of adservers and a few well known rot sites.

I have also used OpenDNS when setting up internet for a few older
adults with young kids, again it is pretty lax, just blocking porn in
general and phishing websites. It is simple to set up, and its
settings can be changed easily via a web interface, they can even
configure the settings themselves if they like, though they never had
to, it just doesn't false positive. There is a latency however, since
OpenDNS doesn't have any servers in Australia, but for general web
surfing it is good enough for the them.

It is the opposite direction of most parents are doing, it just shows
how easy and powerful existing solutions are.

By the way from what I have read, the proposal is to filter https as
well as http. As you may know https's designed specifically not to be
intercepted, so my guess is that they would force people to use their
https proxy, or transparently intercept the connection anyway and let
the user click the ignore button... which the ignore function have
been made more scare factor in FireFox 3.

Does that mean that the Australian population would essentially be
taught to ignore SSL warnings? What about foreigners coming Australia
for business, we will be forcing them to trust our government to
intercept their secure connection?

I have been looking at "Obfuscated TCP":
http://code.google.com/p/obstcp/ which from what I understand, it uses
DH to establish an encrypted TCP connection between any 2 endpoints,
could it possibly be used to make https remain a secure protocol free
of interception?

What do you think?
This e-mail may be confidential. You may not copy, forward or use any
part. All disclaimers on the Internet are of zero legal effectiveness.

More information about the linux mailing list