January 2008 Archives
Ok, this is stupid. Lets forget about the idea of someone controlling what you download and view online as being morally like deep frying baby kittens in oil lets just address the technical aspects of such a adventure. This is kind of like gun control, it will keep honest people honest, thats it nothing more. At best they can do pattern based recognition on the network to look for files, for example if you do not want to allow a file with the words 'super secret company document on how-to defraud customers' from leaving your network you would make sure that all traffic leaving the network passed into a in-line device or devices that would perform content filtering based on that string, if it matches drop the connection. Now it does not have to buffer the entire connection it just needs to read the connection and see if any of the strings it is looking for matches then send a reset. Ok, so cool you are filtering content now. But users being the people that they are, and 'pirates' being the peg-legs they are will look for ways around this filtering and how will they do it you ask? Well its simple encrypt the content as is passes over the network, SSL will work, or a SSH tunnel, or anything that does that will get the job done. Now all those strings you are looking for will never match anything because it is encrypted! And no, they cannot crack the encryption in anything approaching a time line that makes active filtering possible. So how will the companies filter encrypted content? You COULD I guess 'profile' the traffic and block connections that you THINK are being used by pirates, but the problem with this is that you will end up with a false positive rate, think about all those poor OSS developers shipping around a large code base, or someone streaming content from private server a.
So to end this lets look at what we have really done by implementing filtering at the tier I level. NOTHING! we have stopped nothing, we have prevented nothing but we now have the hardware in place to filter other things out, like maybe a website the the company controlling that content filter does not like. The name for this is the 'great firewall of china' you may have read about it because so many people think it is such a violation of personal freedoms but all the sudden it is ok in the US because we are protecting copyrighted work? Get real.
So to end this lets look at what we have really done by implementing filtering at the tier I level. NOTHING! we have stopped nothing, we have prevented nothing but we now have the hardware in place to filter other things out, like maybe a website the the company controlling that content filter does not like. The name for this is the 'great firewall of china' you may have read about it because so many people think it is such a violation of personal freedoms but all the sudden it is ok in the US because we are protecting copyrighted work? Get real.
View image
Fear.
Fear.
