[plug] censorship in australia

[Bret Busby]

Paul Baumgarten wrote:
> 
> <snip>
> >
> > This is an issue that affects everyone on the mailing list, and a number
> of
> > people on the mailing list are ISP's.
> >
> > Also, there are issues here, such as whether these "screening programs"
> are
> > going to be functional on Linux, whether they are going to be functional
> at all,
> > how they will affect a user's download speeds, system performance, system
> > stability, system security, etc.
> >
> > Given that the feral government has apparently approved legislation to
> allow, or
> > otherwise allowed, the government "security" (or insecurity!)
> organisations to
> > breach computer security, by covertly entering a user's computer, and
> given that
> > the USA governments are on the verge of allowing software companies to
> remotely
> > disable software, the issue is one that is probably quite appropriate for
> the
> > mailing list. How do we know, and what assurances do we have, that the
> > "screening software" will not be so used to breach a computer's security?
> >
> > Do you know, Garth, what the effects of the issue will be on the aspects
> of
> > Linux systems, as mentioned above? Do you know to what degree the
> applications
> > will interfere with, or disable a Linux box, or an Apache web server, or
> the
> > Linux mail applications, or other applications on a Linux box? Do you know
> > whether the screening programs will interfere with ipchains and other
> > firewalling and gateway software? Can you guarantee that what you believe
> about
> > these issues is absolutely correct?
> >
> <snip>
> 
> For people interested in this I would advise reading the actual proposed
> code of practice! (always a good idea to have knowledge regarding an issue
> before talking about it ;-)
> 
> It can be downloaded from the Internet Industry Assoc:
> 
> http://www.iia.net.au/code.html
> 
> I have only briefly read the document but already know that I am exempt from
> it under section 12B4(b).
> 
> I would also assume that most Linux users could be potentially exempt under
> section 12B4(a) and I quote:
> 
> >12B.4  The preceding Clause (the one that says thou shalt use NetNanny or
> the like) shall have no
> >application in respect of the supply of Internet access services by an ISP
> to the following classes
> >of users:
> >(a) commercial users who already have in place some form of Content
> filtering or control, whether
> >by means of firewall technology or otherwise, such as is likely to make the
> use of the measures
> >listed in the Schedule unnecessary or redundant;
> 
> My interpetation of this would be that a sysop who programmed their firewall
> (using IPchains or whatever)
> to block sites that would reasonably need blocking then you don't need a
> commerical 3rd party solution,
> thus alleviating any security concerns associated.
> 
> Obviously if you are using Linux at home you aren't a commerical user and
> this doesn't apply... sorry :-(
> 

So what about a Linux user who does not allow people under the age of 18 access
to the system?

If the linux system is part of a machine that is used commercially, to which
people under the age of 18 do not have access, what then?

What about the issue previously raised, about current software being
indiscriminate, and blocking access to sites with words on them that perverted
members of parliament regard as obscene, like breast, as in breast cancer,
testicle as in cancer of the testicles, and anything that is regarded as
politically incorrect, like the bug track sites, that inform of security
breaches, and the One Nation party, etc?

Are we expected by the IIA, to prevent ourselves from accessing these sites, and
therefore expected to put our health and the security of our computer systems at
risk? Are we expected to install software of a type which, so far, has been
apparently shown to be malfunctional?

Regarding my reference to the ipchains, if a Linux user has configured their
system to prevent access to the system from anyone other than the superuser
permitted users, will that be legal, if the feral government wants to monitor
the content of the computers, or the email passing in and out of a computer, or
where a user has visited on the Internet? Will the software that is proposed to
be required, be required to be able to compromise a system's security, to allow
feral government monitoring of the system and how it is used, or otherwise to
allow government agencies to infiltrate the system, or to allow USA software
companies to violate the system security, so they can remotely disable software
that they have produced, in accordance with the proposed USA legislation?

Remember, we are referring to untrustworthy government agencies taking control
of the computers (or possibly so doing), and similarly, untrustworthy software
companies possibly doing the same.

Does that mean that such software will be required to be installed so it has
superuser privilege, so it can violate system security, in order to satisfy the
perverted and megalomaniac desires of members of parliament, or the megalomaniac
aspirations of software companies?

So, how WILL the proposal affect the operation of computer systems, especially
Linux systems, of which the security provisions are regarded highly?

Will that aspect of Linux be lost, due to the proposal?

That is apart from the other, minor issues involved, such as whether the system
will still work, and, if so, at what performance level will it run?

Also, how much virtual memory will be required to run the software? Will it
require an extra 64MB of RAM, or of swap space, to cope with a massive TSR that
will be constantly monitoring whatever a user does, and what data and images are
processed? Will the software, if it has to reside on a user's computer,
incorporate image recognition software, so it performs continual censorship[ of
what is going on in a computer system? If so, will it incorporate images that it
regards as offensive, with which to compare any image displayed on a user's
screen, or stored on a user's disk, or downloaded (whether wittingly or
otherwise) to a user's system from the Internet or across a LAN?

Will the software upload information about where a user goes, and what a user
does, using a computer?

How will the software react to an image sent by a person to another person, or
broadcast, on a LAN?

What protection will a computer, and the computer's owner, and/or user, have
against security breaches, or, have, of their privacy?

Thus, will the security (and performance, etc) of Linux be compromised?

Bret Busby
.....................