Hacker reverse-engineered ACMA blacklist

Summary:An Australian Communications and Media Authority (ACMA) executive has told a Senate Estimates hearing that the alleged leak of its blacklist in March was the result of a hacker reverse-engineering a Family Friendly filter.

This story initially reported that filters used by Family Friendly ISPs had been reverse engineered. Ms O'Loughlin was actually referring to Family Friendly filter vendors.

update An Australian Communications and Media Authority (ACMA) executive has told a Senate Estimates hearing that the alleged leak of its blacklist in March was the result of a hacker reverse-engineering a Family Friendly filter.

"We started off very much concerned about our internal process, but then as more information came to us it became very clear that where the alleged list was acquired from was actually from the filter itself," Nerida O'Loughlin, ACMA's general manager of its Industry Outputs Division told the Senate Estimates hearing on Monday.

ACMA's investigation into the leak revealed one of the filters on the Internet Industry Association's Family Friendly filter list was "reverse engineered" to produce the blacklist that was leaked. Family Friendly filter vendors include Microsoft, f-secure, McAfee and Trend Micro amongst others.

Shortly after the alleged leak, Minister for Communications Stephen Conroy said the list was not current, but an older version that ACMA had used. The leaked list contained some 2395 web pages whereas the list at the time of the leak contained 1061 URLs. ACMA's current list issued to Family Friendly ISPs contains just 977 web pages.

The leak prompted a review of security arrangements around how ACMA sends out the weekly update of the blacklist, which it claimed is "always encrypted" before sending. Participating vendors are typically notified that a new list is available and are provided a password to access it.

ACMA also asked the vendors to submit details on how the blacklist is handled once it had been received, though only eight of the 13 participants responded, said O'Loughlin.

"We asked them to provide information back to the ACMA with regard to any security vulnerabilities. We stopped distributing the list at that point in time until we were satisfied that we had information from those vendors as to what they would put in place," said O'Loughlin.

O'Loughlin said the matter had been referred to the Australian Federal Police in the past few weeks.

Topics: Security, Government : AU, Tech Industry, Telcos

About

Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, s... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.