________________________________________________________________________________ ================================================================================ Subject: FC: Activists reverse CyberPatrol 4, reveal zany secret "blacklist" From: Declan McCullagh Date: Sat, 11 Mar 2000 08:44:31 -0800 (PST) ================================================================================ This work is brilliant. Kudos to Jansson and Skala. Now, blocking software being overzealous and buggy is nothing new. This article is four years old, and still timely: http://www.eff.org/pub/Publications/Declan_McCullagh/ cwd.keys.to.the.kingdom.0796.article But it's somewhat surprising that CyberPatrol hasn't cleaned up its act since being embarrassed so throughly back then. -Declan ---------- Forwarded message ---------- Date: Sat, 11 Mar 2000 11:38:18 -0500 From: mskala@ansuz.sooke.bc.ca Subject: Cyber Patrol 4 reversed March 11, 2000 - ANNOUNCEMENT Cyber Patrol(R) 4, a "censorware" product intended to prevent users from accessing undesirable Internet content, has been reverse engineered by youth rights activists Eddy L O Jansson and Matthew Skala. A detailed report of their findings, titled "The Breaking of Cyber Patrol(R) 4", with commentary on the reverse engineering process and cryptographic attacks against the product's authentication system, has been posted on the World Wide Web at this address: http://hem.passagen.se/eddy1/reveng/cp4/cp4break.html The abstract of the report: Several attacks are presented on the "sophisticated anti-hacker security" features of Cyber Patrol(R) 4, a "censorware" product intended to prevent users from accessing Internet content considered harmful. Motivations, tools, and methods are discussed for reverse engineering in general and reverse engineering of censorware in particular. The encryption of the configuration and data files is reversed, as are the password hash functions. File formats are documented, with commentary. Excerpts from the list of blocked sites are presented and commented upon. A package of source code and binaries implementing the attacks is included. Eddy L O Jansson srm_dfr@hotmail.com http://hem.passagen.se/eddy1/index.html Matthew Skala mskala@ansuz.sooke.bc.ca http://www.islandnet.com/~mskala/ -------------------------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------- ================================================================================ Subject: FC: What CyberPatrol doesn't want you to see From: Declan McCullagh Date: Sat, 11 Mar 2000 09:15:44 -0800 (PST) ================================================================================ So I took a look through the CyberNOT list and was pleasantly unsurprised by the program's zaniness, idiocy, and sheer lunacy. Incompetence and prudishness are still alive and well in the censorware industry! To be fair to CyberPatrol, the bulk of the verboten-links are sexually explicit, or at least may have been at some point in the last five years. But parents and libraries might want to think twice about installing something that can't tell a quilting club from sexybabes.com. For instance, CyberPatrol blocks all student organizations at Carnegie Mellon University, including (you guessed it) the Carnegie Threads quilting club, ultimate frisbee, volleyball, and robotics clubs: http://loiosh.andrew.cmu.edu/org/ (Sexual Acts / Text, Intolerance) For no apparent reason, it blocks the entire corporate site of Golden West Companies ("serving the communications needs of South Dakotans for over 40 years"): http://goldenwestcom.virtdomain.nortel.net/ What Usenet newsgroups Cyberpatrol's morality crusaders find objectionable is arguably even more interesting. For instance, journalism discussions are off-limits because of "intolerance," which might be a just criticism of some corners of the industry, but certainly doesn't seem enough to ban discussions of newsgathering: alt.journalism: alt.journalism.music: alt.journalism.newspapers: alt.journalism.print: alt.journalism.photo: alt.journalism.freelance: alt.journalism.moderated: Some others include discussions of Philip K. Dick's science fiction (alt.books.phil-k-dick is sorted into drug/drug culture), feminism, Jungian psychology, food, Chinese culture, and chess and bridge. More info: http://www.politechbot.com/p-00994.html http://www.politechbot.com/cgi-bin/politech.cgi?name=censorware http://www.politechbot.com/cgi-bin/politech.cgi?name=loudoun -Declan alt.abuse-recovery: alt.answers: alt.cybercafes: alt.feminism: alt.feminism.individualism: alt.multimedia.toolbook: alt.multimedia.director: alt.psychology.personality: alt.psychology.help: alt.psychology.person: alt.psychology: alt.psychology.jung: alt.psychology.adlerian: ba.motss (same-sex issues and discussions) fj.rec.food: fj.soc.culture.chinese: misc.activism.progressive: news.groups.reviews: news.groups.questions: news.groups: ont.general: princeton.general: rec.games.chess.analysis: rec.games.chess.misc: rec.games.pinball: rec.games.backgammon: rec.games.board: rec.games.bridge: -------------------------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------- ________________________________________________________________________________ no copyright 2000 rolux.org - no commercial use without permission. is a moderated mailing list for the advancement of minor criticism. more information: mail to: majordomo@rolux.org, subject line: , message body: info. further questions: mail to: rolux-owner@rolux.org. archive: http://www.rolux.org