Saturday, September 27, 2008

Another example of the problems with Blocklists

By now, most of you will know I'm no fan of blocklists. The simple fact is that even with the best will in the world, they're still often wildly inaccurate. Generally, the people you target with blocklists don't tend to be very cooperative with those that want to block them.

I've mentioned before how ineffective P2P blocklists have been, and even the website ones don't work. The Italian block of the Pirate bay has been overturned, and if anything drew more traffic to the site, as did the Danish block. The Fin's have decided to go one better though, and block a site in the name of protection; protection from the scourge of the internet – Child Pornography.

It's such a shame then, that the site blocked by Finnish ISP DNA is that of the World Wide Web Consortium (W3C). The W3C is a standards body, that amongst other things sets the standards for the HTML that created this page. To presume that such a site would distributing child porn is ludicrous in the extreme, however customers of DNA that attempt to visit the site of the standards body get redirected to this site.

The Finnish Pirate Party (or Piraattipuolue) also objects to this, with party spokesman Kaj Sotala sayingIf the website of a large, well-known and significant organization can end up blocked, is there any reason to believe that some smaller and less known sites doesn’t share its fate? Based on experience so far, none whatsoever”. They also call on the government to stop wasting resources on these lists, which just try and cover up the problem, rather than trying to address it.

I heartily agree. I've seen countless times that people rely on blocklists to try and defer judgement. “The list said it's bad, so it must be”.There are doubtless going to be people who will think their computers have been compromised as accesses to a highly regarded site bring child porn warnings. In the same way, people who use programs like PeerGuardian think that they are being bombarded with connections from antip2p companies. “It said that MediaDefender was hitting me with 20 requests a minute” is the typical response when asked to elaborate, “so that's how I know they've been doing it.

The response is the same in both cases – how accurate is the list? If the list is not accurate, not reliable, no matter what it says you can't believe it. If you replace every MediaDefender label on a PeerGuardian blocklist with “God”, when you torrent, are you not only proving the existence of God, but that he likes to download Heroes as well? Both blocklists are just labels on IP addresses that someone has created. The Finnish list is on a definitive subject, by a government agency, with accountability, and it still gets it wrong. Are a couple of paranoid kids, having to guess at IPs and refusing, ever to be accountable going to be more accurate?