1995-08-03 - Re: NYETSCAPE

Header Data

From: stewarts@ix.netcom.com (Bill Stewart)
To: cypherpunks@toad.com
Message Hash: f32a6d0cada3827d6ef21e6602f521dbca0237f4c6b1102fec24a7214325c81f
Message ID: <199508031844.LAA05026@ix4.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-08-03 18:46:57 UTC
Raw Date: Thu, 3 Aug 95 11:46:57 PDT

Raw message

From: stewarts@ix.netcom.com (Bill Stewart)
Date: Thu, 3 Aug 95 11:46:57 PDT
To: cypherpunks@toad.com
Subject: Re: NYETSCAPE
Message-ID: <199508031844.LAA05026@ix4.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In a copyrighted article,
>Copyright 1995, Nathan Zook.  All rights reserved.
Nathan discusses his suggested directions for elder-controlled
filtering of kids' net access.  (Could be parents, or schoolocrats in loco.)

>The system is of necessity ISP-based.  Home-based systems are subject to
attacks
That's probably necessary; it's certainly the efficient way.  A third approach
is Exon's "Censor the whole net, unless perverts can find ways to talk to
each other without any chance of kids hearing them", which is morally
unacceptable.
The interesting question is how much overlap develops between this and emerging
reputation/filtering services for adults, for which the filtering criteria are
interestingness-related rather than offensiveness-related.

> [ multiple rating services ]
Yep.  For market reasons, as well as moral, aesthetic, and practical ones.

>The NYET-software runs as superuser on the ISP's machine. [...]
>The parent sets the configuration file to permit and deny access to
>various parts of the net.  
And any kid who can break that dialog (e.g. by tapping the parent's session
to get the parent's password) won't be stopped by any wimpy restrictions :-)

An important consideration is that filtering has to be application-specific.
Some sites can be cut off entirely (presumably *.penthouse.com),
but most filtering needs to be more granular, and has different time-scales.
You're certainly not going to block access to the whole Library of CONgress
just because there are a few dirty book titles in the on-line card catalog.

For instance, ftp files and static web pages are pretty easy to rate and filter
if you've got a herd of adults to go surfing them.  
Dynamic web pages are tougher - do you default to open access,
closed-unless-rated, or just use a no-dirty-words-and-no-pictures blocker?

Usenet - some newsgroups obviously would get blocked, 
some would get individual articles filtered by humans,
and technical groups would probably with automatic filters to censor certain
posters and certain words, with occasional human monitoring to detect 
the occasional uses of comp.nerdy.detailed or comp.binaries.eniac for
posting pornography or whatever.  Filtering does slow down conversation,
but enough paid moderators could probably keep up.

But what about chat-programs, IRC, etc.?  You really _can't_ censor
that stuff in real-time and have a meaningful flow of conversation,
except for trivial dirty-word filters which can be exonized around.
Sure, you could have adults watching to say "Hey, cut that out down there!",
and making sure channel names don't have politically incorrect words in them.
And maybe you can have kids-only chat rooms - but what happens when
the kids either start talking like Beavis and [Exon'd]head, or
start talking about (gasp!) sex or (double-gasp!) sexual orientation?
Do you tell their mom? 

And then there are wide-open technologies like telnet (which can do 
almost anything) and email (slower, but goes everywhere) - do you
try to restrict those?  

One major technology that would be needed for this sort of application
is authentication, whether it's digital-signature-based or just
automatic packet-labelling with applications that maintain labels,
so that you can be sure who posted what within PoliticallyCorrectNet,
know whose mom to call if little FooBar has been misbehaving, whose posting
privileges to block or reading to restrict if their mom grounds them,
or, on the positive side, to encourage people to take responsibility for
their postings and remind them that this kind of service only works
if everybody agrees, up-front, to be Good Citizens.

But how do you manage this technically - require outgoing connections
to all go through proxies?  (You need firewalls anyway.)
But do you require connections from users to go through an authentication
proxy before connecting to internal destinations as well,
or is it adequate to use IPv6 with mandatory authentication and
only add proxy service where it's needed?

And what about encryption?  (And stego?  Do some of those MIDI postings have
NASTY WORDS in them if you play them BACKWARDS?  Oh, no!)
We probably need to understand the politics of this sort of service
to find a way to position encryption as a Good Thing, probably as
part of the authentication system - there's a very high risk that it'd
either be banned, or at least Clipperized with a hierarchical authentication
system.  

Of course, if you're banning encryption, or just trying to monitor what's
going on on the net, there's the language problem - English and Spanish
are a start, but it's probably hard for the average ISP to have the 
right mix of people to tell whether an IRC channel is really
speaking Finnish or Hawai'ian or Tuvan or whether it's just stego.
This is probably a Good Thing - while some services will probably
restrict the languages that people post in (either because they're
Real American monoculturalists or because they're providing a
heavily-monitored service and don't have the bucks for 5000 languages), 
others will be pushed toward encouraging responsibility instead.

>I feel it necessary to reiterate the importance of the government
>waiting for a market solution to this problem. 

Yeah!
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---
# Crypto in 3-4 lines of perl --> http://dcs.ex.ac.uk/~aba/






Thread