Communications Minister Stephen Conroy has welcomed "improvements" in ISP filtering technologies, but will a broad-scale roll-out make ISPs a thief's favourite target?
The great success of the ISP filtering trial was that current technologies impose far less interference on an ISP's network than similar tests done five years ago.
Newton raised an interesting idea: for an ISP to filter HTTPS sessions it would have to engage in a Man in the Middle attack, where the attacker intercepts and changes information being transmitted between two parties...
Normally HTTPS means that data streams pass unfettered between your computer and the bank's servers, but ISP filtering would see that data unencrypted at the ISP, inspected, re-encrypted and then forwarded on to you and the bank.
Now, I don't use Dodo, Exetel or TPG, but these ISPs don't seem to be able to afford call centre staff, so can we rely on these ISPs to implement whatever technology the government approves?
And if the filtering products run on Windows operating systems, what happens if and when those systems become infected with a trojan or virus that siphons information to cybercrims?
Let's hope we find out a little more about the security and privacy implications in the "live" trials the government plans to run in the coming months.
Unfortunately for Liam and the blogosphere, it is highly unlikely that Senator Conroy or his staff have even given this issue a passing thought.
From where I am sitting, the progressing of this national ISP filtering scheme is principally about a narrow, faith-based, ideology-ridden agenda.
1 comment:
... "ISP filtering would see that data unencrypted at the ISP, inspected, re-encrypted and then forwarded on to you and the bank" ...
Um, I don't think so, unless every ISP is going to hold the private encryption keys of every bank, which is absurd. However, the filtering scheme is silly for many other reasons.