IT: Websense - free sex sites and "blacklist wars"
Seth Finkelstein
sethf@sethf.com
Mon, 10 Jun 2002 15:13:35 -0400
[ Archived at http://sethf.com/anticensorware/websense/free_sex.php ]
Websense, a censorware company, is now distributing daily lists of sex
sites supposedly not blacklisted by other censorware companies. This
is hilarious. I am not making this up.
Go to http://www.websense.com/ . Click on the big red-and-yellow "Test
The Competition" button in the upper left. Then click on the big
red-and-yellow "Test It For Yourself" button on the upper right. This
brings you to a page where Websense states (emphasis added):
Select the company you are considering from below, and we will
show you a DAILY LIST of 17 Web sites, 12 of which are Adult
Content sites, that are in the Websense database but not in
competitors' databases.
The options are "SurfControl" or "SmartFilter". After some more
clicking through the screens, they'll present you with, they claim:
The following 12 sites are in the Websense database, but leak
through the SmartFilter database. They therefore will be blocked
by Websense but not by SmartFilter.
For those readers with sweaty palms already, the following URLs should
take you there directly:
http://www.websense.com/index.cfm?database=SurfControl&step5=139591&password=&iagree=Yes
http://www.websense.com/index.cfm?database=SmartFilter&step5=139591&password=&iagree=Yes
Perhaps other censorware makers could be persuaded to retaliate?
Now, censorware companies peddle snake-oil, and the above lists are no
exception. It's partially a PR trick. Some of the supposed sex sites
listed are just front pages, which redirect to other sites which are
in fact on the competitor's blacklist. In other cases, they've given a
site which is not on a competing censorware blacklisted by its NAME,
but it is on the competing blacklist by its Internet Protocol ADDRESS
(for an explanation of this sentence, see "Blacklisting Bytes", by
Seth Finkelstein and Lee Tien
http://www.eff.org/Censorship/Censorware/20010306_eff_nrc_paper1.html
)
So, a person will find "This is not as hot a party as I had anticipated.".
But still, you might get lucky. Websense is certainly giving sex-site
seekers a head start, and plenty of ideas. Fresh leads every day.
Note, because of the dynamic method Websense uses to generate the
pages on its website, other censorware companies will have a hard time
blocking those pages. The URLs I've given above are just one means of
reaching that information. On Websense's site, they use an involved
method of passing the around site navigation information within their
dynamically generated pages.
In addition, even variations of the URL data will work, such as:
http://www.websense.com/index.cfm?step5=139591&database=SurfControl&password=&iagree=Yes
or
http://www.websense.com/index.cfm?password=&step5=139591&database=SurfControl&iagree=Yes
This is in fact an example of another problem of censorware, banning
dynamic pages (I had a formal report planned on this, but I'm having
such difficulty getting any coverage, combined with increased legal
risk, that such extensive work is currently postponed indefinitely).
But these "blacklist wars" will be the source of much humor. If the
sex sites are in fact blacklisted in practice by competitors, or are
only mere redirects, then Websense is being dishonest (ok, what else
is new?). If the sex sites are not blacklisted, then this is a "daily
dose" provided straight by a censorware company.
Whatever happened to the concept that one reason for not permitting
evaluation of censorware blacklists, was due to their extensive
collection of where porn might be found? (skipping over the fact that
there are plenty of such third-party collections ...)
I can hardly imagine how censorware critics would be pilloried if they
pulled a stunt like this. Think of the children!
--
Seth Finkelstein Consulting Programmer sethf[at-sign]sethf.com http://sethf.com
Anticensorware Investigations: http://sethf.com/anticensorware/
Seth Finkelstein's Infothought list - http://sethf.com/infothought/
http://www.nytimes.com/2001/07/19/technology/circuits/19HACK.html