Internet Content Filtering in Australia



Similar documents
Closed Environment Testing of ISP Level Internet Content Filters. Report to the Minister for Broadband, Communications and the Digital Economy

Internet Service Provider (ISP) Content Filtering Pilot Report October 2009

Freegate The Case AGAINST Censorship of Content

Mandatory Internet Censorship in Australia?

EMERGENCY FLEXIBLE BACK-UP. Internet packages to support your business

CIR (down/up) 256k/64k 320k/96k 384k/128k. Throughput allowance 2 GB 4 GB 6 GB. (down/up) in unexpectedly high fees.

Telstra Business Broadband

How to Search the Internet

Lab Diagramming External Traffic Flows

LARGE-SCALE INTERNET MEASUREMENTS FOR DIAGNOSTICS AND PUBLIC POLICY. Henning Schulzrinne (+ Walter Johnston & James Miller) FCC & Columbia University

TRUFFLE Broadband Bonding Network Appliance. A Frequently Asked Question on. Link Bonding vs. Load Balancing

Norfolk Community Fiber Optic Network

The RC Family of Companies Network Management Practices Policy Disclosure

FatPipe Networks Network optimisation and link redundancy for satellite communications

Key Term Quiz Answers

Congestion Management Provider does not employ any congestion management tools, practices and/or software on network traffic.

Chapter 9 The Internet

Copyright ZYCOO All Rights Reserved 1 / 8

Measuring Broadband America

Chapter 15: Advanced Networks

FREQUENTLY ASKED QUESTIONS

Cisco Virtual Office over WiMAX in India

The Effect of Caches for Mobile Broadband Internet Access

Broadband Quality of Service Experience (QoSE)

The Internet and Network Technologies

Four Steps to Diagnose Network Performance Issues. Hidden Secrets for Increasing Productivity by Improving Your Network

Winn Communications constantly monitors its network to manage congestion avoid over utilization of circuits.

ADSL or Asymmetric Digital Subscriber Line. Backbone. Bandwidth. Bit. Bits Per Second or bps

WOW! INTERNET, CABLE AND PHONE NETWORK MANAGEMENT PRACTICES (Pursuant to 47 C.F.R. 8.1 et seq)

NEWWAVE COMMUNICATIONS BROADBAND INTERNET SERVICE DISCLOSURES. Updated October 2012

How To Get More Bandwidth From Your Business Network

Bandwidth and WiFi - understanding it made easy for meeting planners at last!

Application Note. Network Optimization with Exinda Optimizer

VoIP services offer an alternative to regular fixed line phone services that may provide benefits to consumers.

Measuring Broadband America. Walter Johnston, Chief ECC Federal Communications Commission NANOG

Truffle Broadband Bonding Network Appliance

PacketStorm Communications, Inc. was founded in November 1998 by a group of engineers from the prestigious Bell Laboratories.

Distributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015

TRUFFLE Broadband Bonding Network Appliance BBNA6401. A Frequently Asked Question on. Link Bonding vs. Load Balancing

Broadband Bonding Network Appliance TRUFFLE BBNA6401

Getting Broadband. FCC Consumer Facts. What Is Broadband?

QoS (Quality of Service)

Jive Core: Platform, Infrastructure, and Installation

Lab 1: Evaluating Internet Connection Choices for a Small Home PC Network

Analysis of traffic demographics in Broadband networks

Chapter 5. Data Communication And Internet Technology

FRANKFORT PLANT BOARD CABLE MODEM INTERNET BROADBAND INTERNET SERVICE DISCLOSURES

Networks 2. Gabriela Ochoa University of Stirling CSCU9B1 Essential Skills for the Information Age. Content

LAKE REGION ELECTRIC COOPERATIVE, INC. BROADBAND INTERNET SERVICE DISCLOSURES. Updated September, 2013

Chapter 1 Instructor Version

Introduction to computer networks and Cloud Computing

Connecting Australia s NBN Future to the Globe

POTTAWATOMIE TELEPHONE COMPANY BROADBAND INTERNET SERVICE DISCLOSURES. Updated November 19, 2011

The Internet and Its Uses

NORTHLAND COMMUNICATIONS BROADBAND INTERNET SERVICES NETWORK MANAGEMENT POLICY

SHIDLER TELEPHONE INTERNET BROADBAND INTERNET SERVICE DISCLOSURES. Updated November 20, 2011

Satellite Broadband FAQs

Kick starting science...

Are you getting the speed that you pay for? Understanding Internet Speeds

THE NATIONAL JUDICIAL COLLEGE

MARATHON COUNTY TECHNOLOGY COMMITTEE

Home Networking Evaluating Internet Connection Choices for a Small Home PC Network

Virtual Leased Line (VLL) for Enterprise to Branch Office Communications

Load Balance Mechanism

Network Management, Performance Characteristics, and Commercial Terms Policy. (1) mispot's Terms of Service (TOS), viewable at mispot.net.

CONNECTING TO LYNC/SKYPE FOR BUSINESS OVER THE INTERNET NETWORK PREP GUIDE

BORDERS BROADBAND - FREQUENTLY ASKED QUESTIONS

Introduction to ADSL. NEXTEP Broadband White Paper. Broadband Networks Group. A primer on Asymmetric Digital Subscriber Line transmission technology.

Broadband Cable Service Deployment at WorldCall Telecom - Pakistan. Hassan Zaheer Manager Operations Broadband Division

Technical Glossary from Frontier

Customer Fact Sheet: Critical Information Summary ADSL 2+ Internet Plan(s)

Reliable high throughput data connections with low-cost & diverse transport technologies

Broadband What is it?

Cable Modems. Definition. Overview. Topics. 1. How Cable Modems Work

CITS1231 Web Technologies. Client, Server, the Internet, and the Web

DNS, CDNs Weds March Lecture 13. What is the relationship between a domain name (e.g., youtube.com) and an IP address?

Internet. switchtelecom.com.au. May2014-Version 1

Hamilton County Communications, Inc. NETWORK POLICY AND PRACTICE FOR ISP. Table of Contents

Chapter 9. Internet. Copyright 2011 John Wiley & Sons, Inc 10-1

Distributed Systems 19. Content Delivery Networks (CDN) Paul Krzyzanowski

Fixed Line Broadband Performance (ADSL) in New Zealand. April June 2013

The part of the network that connects customers to the exchange, sometimes called the local loop or the last mile.

Customer Fact Sheet: Critical Information Summary NBN Internet Plan(s)

FACT SHEET DATA SOLUTIONS DSL INTERNET GRADE

GIGASTREAM BASIC BROADBAND Bristol and Bath Science Park

Telecom & Broadband. Cutting the cost of line rental, calls & broadband

MMGD0204 Web Application Technologies. Chapter 1 Introduction to Internet

Best practice for SwiftBroadband

NETWORK ISSUES: COSTS & OPTIONS

R2. The word protocol is often used to describe diplomatic relations. How does Wikipedia describe diplomatic protocol?

YOUR CANADIAN CONNECTION

TCP/IP Network Communication in Physical Access Control

LAB 1: Evaluating Internet Connection Choices for a Small Home PC Network

Small Business Server Part 2

Redundancy for Corporate Broadband

Chapter 3 Fixed voice services

User Manual. Page 2 of 38

BEFORE THE FEDERAL COMMUNICATIONS COMMISSION WASHINGTON, D.C

Best Practices for Controlling Skype within the Enterprise > White Paper

Transcription:

Internet Content Filtering in Australia What it is and isn t Paul Brooks Director ISOC-AU pbrooks@layer10.com.au Agenda Planning for the trial Content Filtering Technical Trial Trial Results Next Steps in 20 minutes Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 2 (c) ISOC-AU - all rights reserved. 1

Pre-history. 2001: CSIRO Blocking Content on the Internet:A Technical Perspective (report to NOIE) 2003: Ovum Internet Content Filtering (report to DCITA) http://www.dbcde.gov.au/ data/assets/file/0016/10915/ovum_report_-_internet_content_filtering.rtf 2007: ACMA Developments in Internet Filtering Technologies and Other Measures for Promoting Online Safety (First annual report to Minister/DBCDE) http://www.acma.gov.au/webwr/_assets/main/lib310554/developments_in_internet_filters_1streport.pdf Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 3 Nov07: Election Promise Nov07 - Australian Labor Party elected to Federal Government with Cyber Safety Policy election promise to require ISPs to offer a clean feed Internet service 31Dec07 Funding for Content Filter Trial Evidence-based outcomes Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 4 (c) ISOC-AU - all rights reserved. 2

June08 Previous Governments report released Closed Environment (simulated server) tested simulated slowdown performance of a simple Tier 3 ISP infrastructure Results compared to a similar 2005 study Tested 6 filter solutions against 3,930 URLs http://www.acma.gov.au/webwr/_assets/main/lib310554/isp-level_internet_content_filtering_trial-report.pdf Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 5 June08 ACMA Conclusions Performance Degradation from 2% to above 75% Correctly Blocked: from 88% to above 97% Over-blocking: from 8% to below 3% However Highest Correctly Blocking were the products with the highest over blocking Lowest over blocking was the lowest correctly blocking Product with least performance degradation was one of the least effective NONE blocked 100% of URLs on the ACMA black list most scored >95% http://www.acma.gov.au/webwr/_assets/main/lib310554/isp-level_internet_content_filtering_trial-report.pdf Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 6 (c) ISOC-AU - all rights reserved. 3

Yet more reports.. 2008: IIA Feasibility Study ISP Level Content Filtering http://www.dbcde.gov.au/ data/assets/pdf_file/0006/95307/main_report_-_final.pdf No shortage of credible reports on Internet filtering! Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 7 Nov 08 New Live Filtering Trial INTERNET SERVICE PROVIDER CONTENT FILTERING PILOT TECHNICAL TESTING FRAMEWORK November 2008 Aim to test a range of filtering solutions in a live ISP-level real-world trial http://www.dbcde.gov.au/ data/assets/pdf_file/0006/89160/technical-testing-framework.pdf Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 8 (c) ISOC-AU - all rights reserved. 4

Live Filtering Trial aims. To the extent possible, the aim is to test a range of different types of filtering including: ACMA blacklist filtering only (for a blacklist of up to 10,000 URLs); or ACMA blacklist filtering plus the filtering of other content using different approaches to filtering which would, for example, include: Index filtering of different sized blacklists; Dynamic analysis filtering; IP versus URL filtering; DNS poisoning. Seeking Volunteer ISPs Subscribers of participating ISPs must opt-in Independent tests conducted by Enex Testlabs Currently ~1300 URLs WWW filtering only No email, NNTP, VoIP, audio or video streaming, instant messaging services (MSN, Yahoo, Skype) or peer-to-peer. Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 9 Official Text. A key component of the Pilot is scalability. The Pilot is, however, limited to the networks and filtering solutions of the participants and their willingness to provide relevant technical information. Ideally the Pilot will involve a representative cross section of the industry, for example tier 1, 2 and 3 ISPs, metropolitan, regional and remote ISPs including mobile, wireless and satellite internet service providers and broadband and dial up customers. The Pilot aims to assess delivery across a variety of internet delivery mediums (wireless and copper to HFC) ranging in speed from 56Kbps through to 12Mbps. Methodology includes testing the ease for solutions to be circumvented Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 10 (c) ISOC-AU - all rights reserved. 5

Oct09 Live Filter Trial Report 9 ISPs 2 large, 1 medium, 6 small (one small ISP had only ~15 opt-in subscribers) Range of filter solutions pass-by, pass-through, DPI, proxy-filter. Maximum speed 8 Mbps no tests of radio/cellular/3g technologies, satellite, or high-speed to 12 Mbps. Performance Degradation tests download times, upload times, streaming, latency http://www.dbcde.gov.au/funding_and_programs/isp_content_filtering_live_pilot Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 11 Results Just ACMA Blacklist (~ 1000 URLs) Each solution was 100% accurate No noticable performance degradation Additional content filtering beyond blacklist (6 tests): Inappropriate accuracy between 79% to 85% Over-blocking Innocuous sites between 2.4% to 3.4% (too high) One solution degraded when going beyond the black-list Stronger circumvention prevention generally lead to greater degradation Most solutions caused minimal degradation in performance All filter solutions (except 1) were relatively easily circumvented Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 12 (c) ISOC-AU - all rights reserved. 6

Issues Identified by Enex Testlabs Conversion of URLs to IP addresses Multiple IPs, server farms etc mapping to a single hostname proves problematic to identify all addresses for router access lists Fast-fluxing DNS records will negate pass-by filters. Pages on popular sites (e.g. Youtube) could cause performance problems for all URLs on that site Automated loading of the black-list was problematic Additional content filtering beyond blacklist (6 tests): Inappropriate accuracy between 79% to 85% Over-blocking Innocuous sites between 2.4% to 3.4% (too high) One solution degraded when going beyond the black-list Stronger circumvention prevention generally lead to greater degradation All filter solutions were relatively easily circumvented Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 13 Observations on the Live Trial (c) ISOC-AU - all rights reserved. 7

Unrepresentative trial conditions "The initial round of ISPs are Primus Telecommunications, Tech 2U, Webshield, OMNIconnect, Netforce and Highway 1. Telstra conducted their own lab trial. No Tier 1, no mobile/3g/4g, no satellite, few national own networks. No indication of the URL rateload tested only tested scalability to size of filter table, not traffic rate. Solutions never tested to find URL/sec scalability limit Not enough large networks all lead to risk of false positive results Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 15 No complex topology tested Location of 2 test PCs was known to ISP User in ISP out ISP in Content Flows towards User Filter Here? Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 16 (c) ISOC-AU - all rights reserved. 8

Network Filter where? Medium ISP Topology Diagram Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 17 Network Filter where? Upstream Provider Link? Most ISPs have 3 30 upstream providers, often in different states Peering Points no provider In the ISPs Core? Single point of failure Poor performance of trombone traffic paths Huge traffic increase multiply cost of longhaul transmission Misses content generated by other users of the same ISP At the PoP Most ISPs will need 5-30 gatekeeper boxes! great idea if you sell gatekeeper boxes, not practical in real networks ISPs knew of location of 2 test PCs, so costs and performance implications to cover a complex topology were never tested Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 18 (c) ISOC-AU - all rights reserved. 9

What is the Problem to Solve? Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 19 Changed Goal Initial rationale was to protect children from casually accessing inappropriate material Trial tested stopping everyone from accessing Refused Classification blacklist material, but allowed through R18+ and X- rated material unsuited to minors Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 20 (c) ISOC-AU - all rights reserved. 10

Dec09 Next Steps - Mandatory ISP Filtering Announced Mandatory ISP filtering of RCmaterial on URL blacklist Optional additional levels of filtering Funding for education and cybersafety outreach programs Consultation on oversight and review of blacklist URLs Legislation expected in August 2010. http://www.minister.dbcde.gov.au/media/media_releases/2009/115 Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 21 Construction of Blacklist to be filtered Simple list of static URLs for HTTP filtering. Will included blacklists from other countries to be added in Built from complaints from members of public to the ACMA, ACMA manually reviews content, and may choose to add specific URL to the blacklist Contents of blacklist to remain secret but a periodic review process to be worked out No dynamic content determination, no filtering of other protocols Will only include Refused Classification material. http://www.minister.dbcde.gov.au/media/media_releases/2009/115 Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 22 (c) ISOC-AU - all rights reserved. 11

Fundamental Concerns ISP-level filters are easily circumvented (as simple as typing in the IP address instead of the hostname) Blocking RC material won t protect children from inappropriate content Trial did not test ability of solutions to scale to high traffic loads, cost to implement or performance issues in complex topologies ISP-level filtering may give parents false confidence and prevent more appropriate protection being enabled Feb 2010 AU Internet Filtering for APAN29 - Feb 2010 - (c) ISOC-AU 23 Thank you Paul Brooks Director, ISOC-AU pbrooks@layer10.com.au www.isoc-au.org.au (c) ISOC-AU - all rights reserved. 12

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information