Forgot your password?
typodupeerror
Censorship The Internet Your Rights Online

W3C.org Briefly Censored In Finland 115

Posted by timothy
from the well-they-do-inspire-impure-thoughts dept.
k33l0r writes "The web site of W3C, w3.org or w3c.org, was briefly censored (Google Translation) by at least some of the local ISPs. For an unknown reason the URL was mistakenly entered into the Federal Police's censor database. Some of the Finnish ISPs use the database to filter out questionable content such as child pornography." Finnish online activist Matti Nikki describes some of the problems with this database-based censorship.
This discussion has been archived. No new comments can be posted.

W3C.org Briefly Censored In Finland

Comments Filter:
  • Blacklists suck. (Score:1, Informative)

    by Anonymous Coward on Saturday September 27, 2008 @07:28PM (#25180973)

    This isn't news. Legitimate sites ending up on blacklists is normal. It happens all the time. Might as well report that the sun rises in the morning.

  • Easy to circumvent: (Score:5, Informative)

    by WTF Chuck (1369665) on Saturday September 27, 2008 @07:38PM (#25181045) Journal

    Effi: Finnish police censors a critic of censorship [effi.org]

    This shows that they are using DNS based filtering. Very easy to get around, run your own DNS servers and bypass your ISP's DNS servers alltogether.

  • Human translation (Score:5, Informative)

    by plj (673710) on Saturday September 27, 2008 @09:04PM (#25181479)

    Sorry for the bad quality, it is 5 AM in Finland, and I'm very tired. But I bet I can still beat Google's translation service.

    W3C's site on Finnish censorship list

    (Updated on 27/9/08 at 19:31: DNA wasn't the only operator affected by the censorship.)

    Customers of telecom operator DNA were unable to access the web server of World Wide Web Consortium (W3C), an organisation developing web standards, on Friday evening and early Saturday, because the address of the site had erroneously became included on the censorship list of National Bureau of Investigation.

    Many readers of Tietokone magazine informed us late Friday evening and early Saturday that a police information page was opened instead of www.w3.org. The information page says that the target page includes child pornography. The problem was fixed on early Saturday, and currently DNA's customers should be able to access W3C's site normally.

    Different operators use the same filtering list provided by the NBI, but different operators may fetch the updated list at different times.

    Internet activist Matti Nikki also describes of these observations on his lapsiporno.info -site (lapsiporno == child pornography), which still cannot be accessed by those operators' connections that use the filtering list. (Translator's note: using the list is not mandatory for operators.)

    Operators have kept filtering webpages by domain, even though this is not the first time the practice has caused ambiguousness in censorship.

    NBI and operators assured last spring, that ambiguous domain-based filtering can be replaced by URL-based filtering, but implementation of this change has been delayed. Many operators have also announced that they will make the filtering voluntary to their customers due to technical problems and negative publicity.

    Censorship list in the hands of the NBI

    Internet operators gave an estimate for Tietokone magazine last spring, that implementing a precise URL-based filtering system will cost millions of euros. Present domain-based filtering methods are based on domain name redirects or so-called mandatory proxies, i.e. transparent proxies.

    Public relationship officer of DNA, Sinikka Veneranta, says that the police removes and adds addresses to the list as they see best, and the operator does no processing for the addresses on the list by itself.

    But there are still differences in the time how quickly the addresses on the list will end up in systems of different operators. W3C's address is known to have been end up also to the systems of Mikkeli Telecom Co-operative (MPY).

  • by WTF Chuck (1369665) on Saturday September 27, 2008 @09:40PM (#25181665) Journal

    Personally, I am running bind. My ISP's DNS servers were rather slow to respond.

    With most linux distros, all you have to do is install it with your package manager, and then set your machine to use itself, rather than the ISP, as the DNS server. The default configuration that gets installed will generally query the root servers. You will need to check your distros documentation just in case.

    Bind packages can also be found for DD-WRT. I don't run them, so I cant say how well they work.
    DD-WRT Bind DNS-slave server [dd-wrt.com]
    http://www.dd-wrt.com/dd-wrtv2/downloads/others/packages [dd-wrt.com]

    For M$ users, DNS server packages, (including bind), are available. I don't have experience with them, as I dumped M$ shortly after XP was released.
    Google Search [google.com]
    ISC Bind [isc.org]

    There is more than enough documentation on how to set-up and run DNS servers available on the net, it is pointless to do that here.

    The biggest thing that I don't understand is why people who write such articles don't mention that there are solutions available. It would have simply been a 2 or 3 sentence paragraph in TFA to give links to a way around the censoring. TFAs that were linked to didn't even point out that it was DNS filtering, the link in my original post came from one of TFAs.

  • by supernova_hq (1014429) on Saturday September 27, 2008 @10:03PM (#25181791)

    There have actually been cases of this happening. Basically what usually happens is the children (up to 17) are punished without the law (suspended if done at school, etc) and any adults/companies/etc knowingly involved in the reproduction, distribution and/or storage of the material are slapped (rather viciously) with child-pornography charges.

    The children are usually not charged legally, but after their parents, school administration, older siblings, etc get a hold of them, they wish they hadn't done it.

  • by Skapare (16644) on Saturday September 27, 2008 @10:03PM (#25181793) Homepage

    How do they censor by domain name? Do they force/expect everyone to use the ISP proxy server? Do they force/expect everyone to use the ISP name server? Unless they block direct access, it should be easy enough for a user to get around. Of course most users would not know how. OTOH a lot of the really bad pr0n sites don't even use domain names. They use constantly changing IP addresses of proxies running on exploited home/office Windows computers.

  • by dvice_null (981029) on Sunday September 28, 2008 @02:05AM (#25182739)

    > Though noone will likely die or even loose any large ammounts of money or similar due to this particular case

    They have already also blocked a site of several companies. Some which are not related to porn at all, but about 99% of the websites they block are legal porn-sites. Also a website who is making critique about this censorship and publishing a list of blocked but legal websites is blocked.

    It is quite interesting how little people are defending these legal porn sites. As if it is okay to block them, just because they are porn.

  • by stephanruby (542433) on Sunday September 28, 2008 @02:45AM (#25182827)

    "By child pornography, I mean adult porn with children. A picture of a thirty-year-old man naked != porn. Picture af ten-year-old naked != porn. Picture of either of said persons engaging in sexual acts or behaving provocatively = porn. "

    Yes, but since you're probably not one of the Finnish policemen in charge of this black list, nor are you one of the highly trained Kmart/Walgreens photo clerk employees, your definition of what "child porn" is -- probably highly suspect.

    • William Kelly was arrested in Maryland in 1987 after dropping off a roll of film that included shots his 10-year-old daughter and younger children had taken of each other nude.
    • David Urban in 1989 took photos of his wife and 15-month-old grandson, both nude, as she was giving him a bath. Kmart turned him in and he was convicted by a Missouri court (later overturned).
    • A gay adult couple in Florida decided to shave their bodies and snap their lovemaking, convincing a Walgreens clerk that one of them was a child. They are suing the Fort Lauderdale police.
    • More recently, Cynthia Stewart turned in bath-time pictures of her 8-year-old daughter to a Fuji film processing lab in Oberlin, Ohio. The lab contacted the local police, who found the pictures "over the line" and arrested the mother for, among other things, snapping in the same frame with her daughter a showerhead, which the prosecution apparently planned to relate somehow to hints of masturbation.
    • http://archive.salon.com/mwt/feature/2000/01/31/kincaid/ [salon.com]

    .

    "That again: child running about naked on beach - NOT PORN. Child having sex or being filmed in a way intended to arouse the viewer - IS PORN, therefore far beyond questionable content. "

    Sure, but that has yet to be proven. This guy [lapsiporno.info] for instance has already received personal threats against him because his site is listed as a "child porn web site", and yet he doesn't have a single picture on his site -- he only compiled a list of web sites that were banned by this list (he simply used a scanner to obtain that information, and it turns out that 99% of those web sites listed do not contain child pornography according to him). Should he put in jail because of this so-called "questionable content"? Should he be branded as a sexual predator and a child porn peddler because of this personal expose?

  • by hydrofix (1253498) on Sunday September 28, 2008 @03:11AM (#25182889)

    No you dont even have to run your own DNS server and you can stil use your ISPs DNS (it's 99% time faster than say OpenDNS). If you end up on a site with the police cencorship notice, connect to any machine (SSH) or site (WWW) that can resolve domain names without the cencorship. I think all university networks, all foreign machines and sites like http://www.dnswatch.info/ [dnswatch.info] are good for this. Then just edit your /etc/hosts file and manually override the IP address for the domain on per-site basis. Add this line to your hosts:

    83.145.201.47 lapsiporno.info www.lapsiporno.info

    to access lapsiporno.info for example. It's that easy..

  • by Skal Tura (595728) on Sunday September 28, 2008 @03:17AM (#25182899) Homepage

    Matti Nikki's website has been censored from almost the start because he has been speaking against this kind of censorship, and it's problems.

    One of the problems he claims is that it will be used against sites which do not distribute child pornography, activist websites, critical of the goverment, or otherwise "undesired" websites. This blacklist was entirely made for child pornography.

    His site got blacklisted, proofing the point. No action has been taken, and no one seems to care how Finland aswell is turning into a police state.
    To access his website, simply use OpenDNS.org nameservers.

      Finland is in a state of masqueraded communism, the taxes are highest in the world and living costs right up there too! For well above minimum wage job, you don't get even twice the amount of money to spend on things than on unemployment checks.

    I were born in Finland, and like living here very much indeed, even so much i've denied some REALLY good positions offered to me abroad and stayed in Finland. However slowly i'm starting to rethink the sensibility of staying in Finland, due to things like this blacklist.

  • by hydrofix (1253498) on Sunday September 28, 2008 @03:27AM (#25182935)

    Yes they use a very simple domain name based cencorship that causes the ISPs' DNS servers to resolve cencored domain names to a machine (hosted by the ISP on the expense of the customers..) that only serves a very ugly "Cencorced by the National Bureau of Investigation" notice (screenie [wikipedia.org]). It's extremely easy to bypass by editing /etc/hosts, running your own domain name server or using foreign servers like OpenDNS. It should be also noticed, that this cenorship is in its current form voluntary, but the goverment said they hope that ISPs are co-operative so they dont have to make the cencorship compulsory

    And still, there are things like Tor that could be employed even if they used IP based filtering. But I hope this is not going to happen..

  • Re:Clever strategy (Score:3, Informative)

    by dgr73 (1055610) on Sunday September 28, 2008 @04:18AM (#25183085)
    Actually, this spring there was a demonstration against this crude and yet ineffective way of filtering kiddieporn. A finnish MP and EFF activist Jyrki Kasvi went on a morning TV show and laid out all the arguments why a deny list with no oversight can not work (anonymous proxies, etc) and why it creates collateral damage (false positives, pedos using the list as a list for kiddieporn addys, etc). He also said that blocking by itself is not an answer, it's much better to improve co-operation between police forces of different countries, so the sites themselves and their owners could be taken down. He was countered by a person from Mannerheimin Lastensuojeluliitto (a "leading" Finnish organization for child protection). The counter included no technical commentary, just a simple statement repeated many times with slight variation and a passionate voice. The statement roughly translates to "wont anybody think of the children". The debate ended there and you could clearly see she won the argument, atleast in the eyes of the "neutral" reporters conducting the interview. Emotional invocation of our primal instincts to protect our young can still outweigh any petty logic that can tickle our neocortex's fancy.

Little known fact about Middle Earth: The Hobbits had a very sophisticated computer network! It was a Tolkien Ring...

Working...