
Restricting All but the Predators

Child-porn filters proposed in UK law don't extend to email, IM, P2P, or encrypted links, which some say undermines the whole effort

Good intentions that fall woefully short: That's the quickest summation of a proposed U.K. law intended to get pedophiles offline.

The British government wants domestic ISPs to voluntarily introduce content filtering software to stop people from viewing child pornography by the end of 2007. Net and personal security experts, however, say that the software only stops accidental viewing of such sites, and that the approach doesn't prevent content delivery over encrypted connections, email, instant messaging, or seemingly innocent P2P sites.

This turn has led some to question exactly who the government is trying to protect, and whether the millions that it will cost ISPs to install this software might be better spent elsewhere.

At the moment, the U.K. government is not requiring ISPs to install filtering software, but a private member's bill that got its second reading before the House of Commons last month would "require Internet service providers and other commercial organizations to declare whether or not they have taken steps to prevent access to Websites containing indecent images of children," regardless of where in the world these pictures are hosted. As it stands, however, the government is only asking for the measure to cover home broadband users, not business users or dial-up accounts.

Vernon Coaker, Parliamentary Under-Secretary at the Home Office, said last month that the government wants all U.K. ISPs, large and small, to have such protections in place by the end of 2007. "If it appears that we are not going to meet our target through co-operation, we will review the options," Coaker said in a written answer to Parliamentary questions on May 15, 2006.

The Internet Watch Foundation (IWF) has been leading the charge to remove illegal material from U.K.-hosted sites and block harmful content from outside the British Isles. The not-for-profit group claims that a hotline where Internet users report suspected illegal images has been largely successful in stopping pedophile images being hosted in the U.K. The group claims that today only 0.4 percent of child abuse images on the Internet are hosted in the U.K., down from 18 percent in 1997.

Images hosted in the U.K. aren't really the main problem; rather, images hosted in the rest of the world are the main source of "illegal content" seen in the U.K. So the IWF has put together a "dynamic list" of "around 6,000 URLs" hosted outside the U.K. on servers in Russia, the U.S., and many other parts of the world that can be blocked by U.K. ISPs.

"We also pass reports on to police in the country involved via Interpol," says a spokeswoman for the IWF.

Filtering such URLs presents challenges, however, because an offensive image may be hosted on a large Web-hosting site, such as Tripod or Geocities. An ISP cannot, under English law, block access to all Geocities pages, only those pages or images that are deemed illegal.

So in 2004, BT came up with a two-stage filtering system called "CleanFeed," which filters the Internet requests from customers and checks for items on the IWF list. BT has never revealed exactly how the system works.

However, Richard Clayton, a researcher at the University of Cambridge Computing Laboratory, caused a minor media storm last year when he put out a paper detailing what he believes is BT's filtering system and how it could be used by tech-savvy pedophiles as an "oracle" of illegal sites.

Clayton says that under BT's system, suspect traffic is filtered onto a second level that returns an error message for illegal pages or images requested but returns all other requests normally if only part of a particular site is blocked. Clayton says those searching for child pornography can deduce whether a site is on the blacklist by seeing if it is routed through CleanFeed. He has written a program, which he refuses to release, to demonstrate the ways in which the system could be abused. "It's an inherent property of a two-tier system," he says.

Talking to us this week, however, Clayton suggests that people looking for such material would not have to go to the lengths of reverse-engineering the BT blocker to access child-porn. Merely using an SSL-encrypted connection could be enough, he says. "If it's encrypted they can't block at all."

Users could also resort to third-party Web proxy software that routes their requests through servers in a different country, and the people running the Websites can keep changing URLs and IP addresses in a cat-and-mouse game with the watchdogs, Clayton notes.

"In the end, the people who want to see this stuff have simply moved from BT," he says.

This suits BT just fine. "I don't think we make any pretense that there are ways around this for the most committed person," says a spokesman for British Telecom. "But we want to keep this material off our network."

That raises the question, however, of just who the government, watchdogs, and operators are trying to protect. "The innocent and the curious who just happen to be browsing and come across something wicked online," reckons Clayton.

Since the system does not currently block FTP or peer-to-peer servers, pedophile networks still have an effective means to deliver their illicit content. Meanwhile, their potential victims are still under threat via IM, email, and more recently, fast-moving social networking sites like MySpace.com.

"The popularity of social networking sites makes kids vulnerable in new ways," declares Michelle Boykins, Director of Communications at the National Crime Prevention Council (NCPC) in Washington, in a statement this week.

"The things that might actually damage children -- chatting to people online -- they can't block that," says Clayton.

Speaking of the proposed legislation, he says, “My general view is that this is a waste of time and money that doesn’t stop people who really want to see this material from viewing it.”

Parry Aftab, an Internet privacy and security lawyer and executive director of WiredSafety.org, argues that educating children about potential dangers online is the way to keep them safe. "No one in any country, no matter how well meaning they are, can block everything," she says. "It's about education. And most of it has to be done at a home, school, or kid level. It's the only way to protect them."

— Dan Jones, Site Editor, Unstrung. Special to Dark Reading

Organizations mentioned in this article:

  • BT Group plc (NYSE: BT; London: BTA)
  • Internet Watch Foundation (IWF)
  • National Crime Prevention Council
  • WiredSafety.org
