Sky blocks Newzbin, important legal and technical questions need answering

Igor Mozolevsky mozolevsky at gmail.com
Thu Dec 15 23:04:19 GMT 2011


On 15 December 2011 22:11, Francis Davey <fjmd1a at gmail.com> wrote:
> 2011/12/15 Igor Mozolevsky <mozolevsky at gmail.com>:
>>
>> 1. Identify, within all of the electronic communications of all its
>> customers, the packets relating to HTTP;
>> 2. Identify, within that traffic, the URLs supplied by the Applicants
>> (MPAA); and
>> 3. Block access to those URLs.
>
> No, that's not how it works (as I understand anyway). First there is a
> filter on IP addresses, then those that match the IP list are passed
> through to a proxy that filters on specific URLs.

But you can't `know' what IP addresses you need to filter without
looking at all address+port pairs (you certainly wouldn't pass
non-HTTP traffic to an HTTP proxy, for example); having done that, you
pass those packets that match criteria to the proxy to do packet
assembly (remember that packets may be fragmented, out of order, or
corrupt) followed by application layer inspection (looking through
HTTP headers like GET and Host:). Like I said, I think it makes no
difference if 2 & 3 are outsourced to be performed on behalf of cf.
the ISP itself.

> Sure, that is a general filter, but only on IP address, which the ISP
> needs to know anyway for routing purposes.

The situation is different with routing: you only look at IP
addresses, you don't care what order packets come in or go out.


>> Would this amount to interception or surveillance under Directive 2000/31?
>>
> Seems unlikely given that it's authorised by court order.

I was thinking of Sky's situation here, the order is only against BT, right?

>> The three paragraphs that address the proportionality are very thin
>> and appear to be based on the fact that the cost to BT would not be
>> too high since BT already used Cleanfeed. Although to me, it seems
>> bizarre that the judge made explicit references to Cleanfeed in the
>> order (whereby arguably showing judicial endorsement), instead of a
>
> No, that's entirely understandable. The preference is for court orders
> to be as clear as possible and, in particular, for it to be clear what
> the person targeted by the order must do. Tying the order to a
> particular technology makes it easy for BT to know what to do in
> compliance.

I see what you are saying, but the judicial feature creep into the
function of a private entity that was set up, apparently, solely for
the purpose of filtering child porn and membership in which is
entirely voluntary seems strange. A few more features and I'm guessing
people will start arguing that IWF is a `Datafin' public authority ;-)
If IWF was created by statute then that would be different, of
course... Also, I'm not entirely certain that if the order only
applies to BT, Cleanfeed could/would only perform the block on BT
traffic...


[snip]

> ... https appears to get around the block (if not,
> I'd be interested to know, I'm taking a particularly keen interest in
> website blocking at the moment).

You could potentially collude with "trusted" CAs to provide fake SSL
certs for the purpose of filtering illegal content... Whether CAs
would do that or not is a separate issue... The idea of blocking
sites, at least technically, is rather naive and only serves to drive
illegal activity from being detectable and actionable to underground
by extension in-actionable.


--
Igor M.
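
The two-stage arrangement discussed in this message (a match on destination address and port, then reassembly and HTTP header inspection at a proxy), sketched as an added example that is not part of the original post or of any ISP's actual system. The addresses, host names, sample request and function names are constructed for illustration.

```python
from collections import namedtuple

# Constructed sample values: documentation address range, hypothetical host name.
SUSPECT_IPS = {"192.0.2.10"}
BLOCKED_URLS = {("blocked.example", "/index")}
REQ = b"GET /index HTTP/1.1\r\nHost: blocked.example\r\n\r\n"
# seq is the payload's byte offset from the start of the TCP stream.
Segment = namedtuple("Segment", "dst_ip dst_port seq payload")

def stage1_divert(seg):
    """Stage 1: look only at destination address and port."""
    return seg.dst_ip in SUSPECT_IPS and seg.dst_port == 80

def reassemble(segments):
    """Stage 2a: order by sequence number, skip duplicates, stop at a gap."""
    stream, expected = b"", 0
    for seg in sorted(segments, key=lambda s: s.seq):
        if seg.seq > expected:      # gap: cannot inspect past missing bytes
            break
        if seg.seq == expected:     # anything lower is a duplicate; skip it
            stream += seg.payload
            expected += len(seg.payload)
    return stream

def parse_request(stream):
    """Stage 2b: return (host, path) from a complete request head, else None."""
    head, sep, _ = stream.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if not sep or len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            return (value.strip().lower(), parts[1])
    return None

def decide(segments):
    """Return 'route', 'proxy-allow' or 'proxy-block' for one flow."""
    diverted = [s for s in segments if stage1_divert(s)]
    if not diverted:
        return "route"
    req = parse_request(reassemble(diverted))
    return "proxy-block" if req in BLOCKED_URLS else "proxy-allow"

def flow(ip, port, data=REQ):
    """Constructed flow: the request cut in three, delivered out of order."""
    return [Segment(ip, port, a, data[a:b]) for a, b in ((25, None), (0, 10), (10, 25))]
```

Stage 1 is a stateless per-packet lookup, while stage 2 has to hold per-flow state until the request head is complete, which is the difference from plain routing that the message points out.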


