Thursday 29 May 2008

Thought police rule: Senate internet surfing spy blocks senators from reading gay newspaper website

The Senate Standing Committee on Finance and Public Administration budget estimates hearing on Monday 26 May 2008 is throwing up some strange instances.

Apparently the desire to stop senators accessing inappropriate material on the internet, also known as research censorship, had resulted in a well-known gay newspaper being blocked from view.
It took Senator Nettles' staff a good week to get permission for, wait for it,
"temporary access to the site".

Senator Nettles was also blocked when researching the ramifications of recently announced NSW Government policy on the agricultural production of industrial quality hemp. The site she was attempting to access was considered in the category of "illegal drugs".

It seems that the Senate IT filtering program is being supplied by Websense.

This is what Websense, with its head office in California and an office in North Sydney, has to say about itself.
Websense provides a unique combination of Web, content, and user intelligence to stop threats at their source, and accurately control the "who, what, where, and how" of network security.

The Senate appears to have opted for a filtering program which has the following features:
Websense Client Policy Manager (CPM) provides a comprehensive endpoint security solution for desktops, laptops, and servers that proactively protects organizations against known and unknown endpoint security threats. CPM prevents the installation and execution of unauthorized applications and enforces application use policies with its comprehensive database of categorized applications, which is updated daily. CPM is an easy-to-implement, low risk, and highly effective alternative to behavior-based Host Intrusion Prevention Systems (HIPS). The comprehensive coverage of both “whitelist” (good) and “blacklist” (bad) applications allows for granular, dynamic, and highly flexible application policies. This provides a critical layer of application awareness that complements desktop antivirus and personal firewalls while stopping today's fast-moving and blended security threats.

Websense Client Policy Manager benefits:
Addresses weaknesses in existing antivirus, anti-spyware, personal firewall, and patch management processes to render today’s attacks harmless.
Provides application awareness and usage policy enforcement on the endpoint for blocking malicious software while ensuring compliance and productivity.
Prevents malicious applications from changing registry settings and tracks suspicious registry activities.
Protects remote and mobile users operating outside of the network or without standard security updates or patches.
Includes protection from the threats and compliance risks around web access and URL content for remote and mobile users.
Works with Network Access Control (NAC) solutions to enforce policy on devices trying to enter the network, denying access to non-compliant endpoints.
Via integrations, enables network-level protection from inbound threats and creates dynamic and application-aware firewalling.
Provides multiple levels of control to prevent the launch or mitigate the propagation of security attacks.

What all this apparently means is that the Senate has blocked senators' PCs from seeing websites on a blacklist based on broad categories of 'bad' types (inclusion decided by Websense) and, that any use of a senator's PC can be tracked right down to the last millisecond of any search or email sent/received.

Although it is still rather strange that this supposed protection against security threats just happens to block the pet hates of Family First's only elected representative and self-appointed moral guardian of Australia, Senator Fielding.

A quick Google shows that Websense has a history of inappropriately blocking sites from Amnesty International, through to the Red Cross, Air America, service blogs and individual bloggers who make political comment. Last year it was blocking Yahoo mail.

As the problems with Websense seem to continue up to date, here is a website advising on how to bypass this filter.
Perhaps senators should consider using this information if the President of the Senate doesn't come to his senses, or alternatively switching to IE7 which Websense is
said not to currently filter.

As it is unlikely that mere voters are going to get a straight answer from either Harry Evans or the Rudd Government on how much this gigantic invasion of privacy is costing or why it is even necessary, perhaps it's time to ask the source about blacklists, why it blocks certain content, why it takes so long to change instructions and costs associated with its security/filtering programs. Here is a Websense email contact.
Annoy the company as much as it is obviously annoying some senators.

1 comment:

Anonymous said...

Good job! :)