Teen cracks AU$84 million porn filter in 30 minutes

27 August 2007 04:57 PM

Tags: porn, internet, filter, coonan, security, software, government, wood

A Melbourne schoolboy claims to have cracked the AU$84 million Internet filtering software which the government is giving away to schools, libraries and families across the country.

Tom Wood, 16, claims to have broken the filters, which were released as part of the government's Net Alert scheme earlier this month, within half an hour.

The ease with which the filter can be broken came as a surprise to Wood, he told Channel Seven. "For that money, I thought it must have been unbreakable." After circumventing the filter in half an hour, Wood claims to have broken a second version of the porn-blocking software released on Friday, within 40 minutes.

Under Watts' workaround, the filtering software will, to a parent's untrained eye, appear fully functional, with the software status bar untouched.

"AU$84 million is a horrible waste of money," he told the Sunrise show. "I'm willing to work with the government if they like." Watts denied he disabled the software so he could look at porn.

Communications Minister Helen Coonan said the government had anticipated children would find ways to get around the NetAlert filters. Suppliers were contracted to provide updates, Senator Coonan said.

"The vendor is investigating the matter as a priority.

"Unfortunately, no single measure can protect children from online harm and ... traditional parenting skills have never been more important," said Coonan.

The government has already piloted Web filtering technology three times in the past. Following the most recent trial, in 2005, Coonan acknowledged problems with the concept saying: "Each report has found significant problems with content filter products operating at the ISP-level ... The Australian trials have also found the effect on performance of the Internet by ISP filtering to be substantial and a lack of scalability of the filters to larger ISPs."

The Internet filtering scheme comes as part of a wider AU$189 million package of measures announced by the government earlier this month. The NetAlert -- Protecting Australian Families Online program will also see publicity campaigns stepped up, including a AU$22 million awareness scheme to "inform parents and carers of children about online safety issues and provide information about where they can go to receive support and assistance", and 10 new ACMA Internet safety officers who will visit schools to talk about online dangers.

AAP contributed to this story.

Talkback (14)
Print
E-mail
Share
- del.icio.us
- Digg
- Reddit
- Slashdot
- StumbleUpon

Talkback 14 comments

Add your opinion

did he crack it first or just read about it? Anonymous -- 27/08/07

any chance of some original research... This blogger had it done a week ago...

http://www.boredomistan.com/2007/august/lets_ban_the_internet/

(BTW mediaconnect ran this last week as well ;))
Who would have thought..... steeve pink -- 27/08/07

Is there porn on the internet and do schoolboys try to look at porn on their home computers?

I thought the internet only provided accurate information that the government wanted us to know. ; )
He's not a hacker Adam Nelson -- 27/08/07

Seem the media keeps labeling this kid is a "hacker". When more or less just geek whom knows a couple of tricks or websites

There various method of bypassing proxy filters. The most common these days is using Web based Proxy sites that run on CGIproxy and PHProxy. Either you find them using google or download the software packages and upload it to your own web server

Using google cache can be limited
1. Correct Craig -- 27/08/07
  
  Yeah, he definitely is no hacker (then again, the true definition of a hacker is NOT someone who breaks security), but the kid has a point. If he can find flaws like this simply (even though proxies, closing processes etc... down is not a new thing - heck in my secondary school days I was pulling this on supposed *secure* applications, NetOp comes to mind), then it must be easy enough to pull off then :)
  
  I mean, it did take him 30 minutes to find out how to bypass it, and 40 minutes the second time around.
  
  I know I am repeating alot of what people already know, but the trouble with Third-Party and Client side filters is there is no direct server to block traffic. The only way I can see a way kids cannot use these simple strategies to break security is to block at the ISP end, but as this article already suggests - the performance issue would be phenominal. The second option is to install home servers (nothing a simple change of modem wouldn't fix, but it's an idea).
  
  Good luck to the government in fixing the issues hehehe... and no offense to the kid or anything, but the government hiring him to hack the software will do no justice. What needs to be employed are security experts to attempt breaking the software.
  
  Ciao
  - Reply to comment
  - Report offensive content
What a joke.... Anonymous -- 28/08/07

This is a complete joke - how backward are our leaders if they can not work out that this is going to happen!! I just wrote more on my blog if anyone is interested. http://blog.brettmoller.com/2007/08/27/how-to-waste-84million-dollars-in-the-name-of-education-aussie-style/
Honestly! Anonymous -- 31/08/07

How many jobs do you think this kid got offered after "cracking" this type of system...
If true, he has to be know as a god when it come's to the breaking of top level program.

I say good on you tom, teach the old ones how to do it. :-)
ISP Filtering Anonymous -- 19/09/07

I have been working in the Internet Policy Enforcement Industry since 2000, so I am no stranger to the technology and the current web filtering solutions being offered.

I am also very familiar with the controversy between PC Based Filter products and ISP based filer products currently being debated by the Australian Government.

With that said, I have been working with a third party development company for well over a year to develop a best-of-breed ISP / Managed Services web filtering product that more than meets the requirements of Australia's National PC Filter Tender.

While we have been very successful in this endeavor, it is unfortunate that we are unable to find anyone in the Australian Government who is interested in speaking with us, much less taking a look at our solution, (approximately 10 minutes).

Any parent can install the Client in less than 2 minutes. During the initial configuration the parent is required to create a User ID and an administrator password, which allows them to easily change and or disable the access profile for themselves or others who use the same computer.

Without the administrator password the Client cannot be installed, uninstalled, reconfigured or bypassed. On computers where two or more users log in with their own username and password, only the Named Administrator (i.e., the parent who installs the Client) can make such changes.

All currently supported Windows operating systems are fully supported by the Client and Macintosh support will be available soon.

The small footprint, scalable, easily installed client, is very efficient and the backend URL database is a very effective scalable ISP web filtering solution.

Once the Client is installed on a Laptop, the profile is always there, no matter where the laptop might go, (home, friends home, library, school, even other countries) the child is always protected when using that laptop.

When and if the Australian Government ever gets serious about protecting the children of Australia, we will be waiting to demonstrate the best solution currently available to protect all of the children in Australia.
1. Can be broken johndoe -- 03/10/07
  
  Every system can be broken. Its all a matter of time, power and statistics.
  
  As i'm sure you know, no client-side authorization software is safe whatsoever.
  - Reply to comment
  - Report offensive content
84 Million? Peter Smirk -- 26/09/07

So 84 million was spent on an ineffective theory. How much of that was spent researching the types of porn to be blocked?
1. 84 Million Peter The Smirk Costello -- 26/09/07
  
  The majority of the research was done by my office :P
  - Reply to comment
  - Report offensive content
2. Hi Adrian -- 11/04/08
  
  H
  - Reply to comment
  - Report offensive content
3. hi Anonymous -- 26/07/08
  
  gidday mate
  - Reply to comment
  - Report offensive content
did he try hex Anonymous -- 15/10/07

A common way to circumvent the NSW's education departments filters was to convert the IP to hex, and enter that into IE.
Kevin07 soon to release version_08 :) Ben Walsh -- 09/09/08

I agree with Mr Coonan traditional parenting skills have never been more important.

I work online so am half savvy, my wife is computer illiterate. Today she was told by an alarmed mother that my son (10) had given her son the url of a porn site. I tried to explain to my wife (now also an alarmed mother) that there was probably little in it.

To show her i googled serena and sure enough two clicks and we could see Miss Williams' nipples.

Kevin Rudd soon releases his next statement on this ($84m++) filter, I ask him how will I be able to convince Junko (my wife) to keep the internet connected. What happens if one passover she searches for an image of a donkey?

Add your opinion

Latest Videos

Play now

Planet CNET: Spooning at 40,000 feet
On this episode of Planet CNET, we learn about cameras for French espionage, a not-so-bright idea from the U.K… Watch it now
Apple drops iPhone NDA
Planet CNET: running low on oxygen
Steve Ballmer still positive on tech economy
More videos »

Blogs

Australian Govt funds IT start-ups
This week Australia's Federal Government announced it had allocated $3.6 million in funding to 57 local research projects so that they could be commercialised, with many of them being web or IT-related start-ups.
Google should come clean on datacentres
It's nice that Google says it has put an effort into making its datacentres more energy efficient, but the search giant's pledges won't mean much until it discloses just how many of the beasties it's actually running.
US shows what OPEL could have been
Sprint's WiMAX roll-out in Baltimore will prove the Australian government's decision to worm its way out of the Opel WiMAX contract was a short-sighted, and ultimately damaging, political stunt that has benefited nobody.
More blogs »

Hot Spot - What's Important

Achieve continuous availability with high performance NonStop blade technology

Looking to buy a printer? Our superguide rates the latest printers and shines a light into the industry.

Download Your Microsoft Unified Communications Fact Pack now.

Microsoft Unified Communications - Take your Self Assessment Today.

Reader Services

Essentials

Superguide: Printers
Looking to buy a printer? Our superguide rates the latest printers and shines a light into the industry.
Storage and server superguide
Over the last decade the art of maintaining the datacentre of a large organisation has evolved into an art form.
Broadband speedtest
How fast is your Internet connection? Calculate the speed here.
Top 10 Mobiles & PDAs
Check out the latest and most popular products in Mobiles & PDAs.

Teen cracks AU$84 million porn filter in 30 minutes

Talkback 14 comments

did he crack it first or just read about it? Anonymous -- 27/08/07

Who would have thought..... steeve pink -- 27/08/07

He's not a hacker Adam Nelson -- 27/08/07

Correct Craig -- 27/08/07

What a joke.... Anonymous -- 28/08/07

Honestly! Anonymous -- 31/08/07

ISP Filtering Anonymous -- 19/09/07

Can be broken johndoe -- 03/10/07

84 Million? Peter Smirk -- 26/09/07

84 Million Peter The Smirk Costello -- 26/09/07

Hi Adrian -- 11/04/08

hi Anonymous -- 26/07/08

did he try hex Anonymous -- 15/10/07