Teen cracks AU$84 million porn filter in 30 minutes

Teen cracks AU$84 million porn filter in 30 minutes

Summary: A 16-year-old Melbourne schoolboy has taken just 30 minutes to crack the federal government's AU$84 million dollar Internet porn filter software.

SHARE:

A Melbourne schoolboy claims to have cracked the AU$84 million Internet filtering software which the government is giving away to schools, libraries and families across the country.

Tom Wood, 16, claims to have broken the filters, which were released as part of the government's Net Alert scheme earlier this month, within half an hour.

The ease with which the filter can be broken came as a surprise to Wood, he told Channel Seven. "For that money, I thought it must have been unbreakable." After circumventing the filter in half an hour, Wood claims to have broken a second version of the porn-blocking software released on Friday, within 40 minutes.

Under Watts' workaround, the filtering software will, to a parent's untrained eye, appear fully functional, with the software status bar untouched.

"AU$84 million is a horrible waste of money," he told the Sunrise show. "I'm willing to work with the government if they like." Watts denied he disabled the software so he could look at porn.

Communications Minister Helen Coonan said the government had anticipated children would find ways to get around the NetAlert filters. Suppliers were contracted to provide updates, Senator Coonan said.

"The vendor is investigating the matter as a priority.

"Unfortunately, no single measure can protect children from online harm and ... traditional parenting skills have never been more important," said Coonan.

The government has already piloted Web filtering technology three times in the past. Following the most recent trial, in 2005, Coonan acknowledged problems with the concept saying: "Each report has found significant problems with content filter products operating at the ISP-level ... The Australian trials have also found the effect on performance of the Internet by ISP filtering to be substantial and a lack of scalability of the filters to larger ISPs."

The Internet filtering scheme comes as part of a wider AU$189 million package of measures announced by the government earlier this month. The NetAlert -- Protecting Australian Families Online program will also see publicity campaigns stepped up, including a AU$22 million awareness scheme to "inform parents and carers of children about online safety issues and provide information about where they can go to receive support and assistance", and 10 new ACMA Internet safety officers who will visit schools to talk about online dangers.

AAP contributed to this story.

Topics: Censorship, Broadband, Browser, Government, Government AU, Security, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

18 comments
Log in or register to join the discussion
  • did he crack it first or just read about it?

    any chance of some original research... This blogger had it done a week ago...

    http://www.boredomistan.com/2007/august/lets_ban_the_internet/

    (BTW mediaconnect ran this last week as well ;))
    anonymous
  • Who would have thought.....

    Is there porn on the internet and do schoolboys try to look at porn on their home computers?

    I thought the internet only provided accurate information that the government wanted us to know. ; )
    anonymous
  • He's not a hacker

    Seem the media keeps labeling this kid is a "hacker". When more or less just geek whom knows a couple of tricks or websites

    There various method of bypassing proxy filters. The most common these days is using Web based Proxy sites that run on CGIproxy and PHProxy. Either you find them using google or download the software packages and upload it to your own web server

    Using google cache can be limited
    anonymous
  • Correct

    Yeah, he definitely is no hacker (then again, the true definition of a hacker is NOT someone who breaks security), but the kid has a point. If he can find flaws like this simply (even though proxies, closing processes etc... down is not a new thing - heck in my secondary school days I was pulling this on supposed *secure* applications, NetOp comes to mind), then it must be easy enough to pull off then :)

    I mean, it did take him 30 minutes to find out how to bypass it, and 40 minutes the second time around.

    I know I am repeating alot of what people already know, but the trouble with Third-Party and Client side filters is there is no direct server to block traffic. The only way I can see a way kids cannot use these simple strategies to break security is to block at the ISP end, but as this article already suggests - the performance issue would be phenominal. The second option is to install home servers (nothing a simple change of modem wouldn't fix, but it's an idea).

    Good luck to the government in fixing the issues hehehe... and no offense to the kid or anything, but the government hiring him to hack the software will do no justice. What needs to be employed are security experts to attempt breaking the software.

    Ciao
    anonymous
  • What a joke....

    This is a complete joke - how backward are our leaders if they can not work out that this is going to happen!! I just wrote more on my blog if anyone is interested. http://blog.brettmoller.com/2007/08/27/how-to-waste-84million-dollars-in-the-name-of-education-aussie-style/
    anonymous
  • Honestly!

    How many jobs do you think this kid got offered after "cracking" this type of system...
    If true, he has to be know as a god when it come's to the breaking of top level program.

    I say good on you tom, teach the old ones how to do it. :-)
    anonymous
  • ISP Filtering

    I have been working in the Internet Policy Enforcement Industry since 2000, so I am no stranger to the technology and the current web filtering solutions being offered.

    I am also very familiar with the controversy between PC Based Filter products and ISP based filer products currently being debated by the Australian Government.

    With that said, I have been working with a third party development company for well over a year to develop a best-of-breed ISP / Managed Services web filtering product that more than meets the requirements of Australia's National PC Filter Tender.

    While we have been very successful in this endeavor, it is unfortunate that we are unable to find anyone in the Australian Government who is interested in speaking with us, much less taking a look at our solution, (approximately 10 minutes).

    Any parent can install the Client in less than 2 minutes. During the initial configuration the parent is required to create a User ID and an administrator password, which allows them to easily change and or disable the access profile for themselves or others who use the same computer.

    Without the administrator password the Client cannot be installed, uninstalled, reconfigured or bypassed. On computers where two or more users log in with their own username and password, only the Named Administrator (i.e., the parent who installs the Client) can make such changes.

    All currently supported Windows operating systems are fully supported by the Client and Macintosh support will be available soon.

    The small footprint, scalable, easily installed client, is very efficient and the backend URL database is a very effective scalable ISP web filtering solution.

    Once the Client is installed on a Laptop, the profile is always there, no matter where the laptop might go, (home, friends home, library, school, even other countries) the child is always protected when using that laptop.

    When and if the Australian Government ever gets serious about protecting the children of Australia, we will be waiting to demonstrate the best solution currently available to protect all of the children in Australia.
    anonymous
  • 84 Million?

    So 84 million was spent on an ineffective theory. How much of that was spent researching the types of porn to be blocked?
    anonymous
  • 84 Million

    The majority of the research was done by my office :P
    anonymous
  • Can be broken

    Every system can be broken. Its all a matter of time, power and statistics.

    As i'm sure you know, no client-side authorization software is safe whatsoever.
    anonymous
  • did he try hex

    A common way to circumvent the NSW's education departments filters was to convert the IP to hex, and enter that into IE.
    anonymous
  • Hi

    H
    anonymous
  • hi

    gidday mate
    anonymous
  • Kevin07 soon to release version_08 :)

    I agree with Mr Coonan traditional parenting skills have never been more important.

    I work online so am half savvy, my wife is computer illiterate. Today she was told by an alarmed mother that my son (10) had given her son the url of a porn site. I tried to explain to my wife (now also an alarmed mother) that there was probably little in it.

    To show her i googled serena and sure enough two clicks and we could see Miss Williams' nipples.

    Kevin Rudd soon releases his next statement on this ($84m++) filter, I ask him how will I be able to convince Junko (my wife) to keep the internet connected. What happens if one passover she searches for an image of a donkey?
    anonymous
  • the enemy

    internet policy enforcement is selling out the users of the internet. I hate the way smart little cookies work so hard for the man. I hope karma treats you well.
    btw you from Dtex?
    anonymous
  • Proxy LOL

    Every kid knows how to use one lol!
    anonymous
  • The simple fact of the matter is no matter what the government trys to pull off they will never be able to stop this. I for one happen to know that ANY kind of security the y put up can be broken into. There is always a way to hack something that is "secure" or "blocked" and thats the bottom line. This kid hacked it in 30 minutes. I for one am not surprised because as more and more agencies put up their new "security" more and more people will try to find a way around it. As for this kid telling the government he will help them that is ridiculous. Reasoning for this is that this kid is NOT the best hacker in the world. No one is. I learned a while back that there is always somone out there who knows more about hackingor computers in general than you do. Point is all they are doing is wasting money because somewhere somehow someone will break in. I do agree with coonan however, Parents are the BIGGEST influence right now. Its up to them to teach kids.
    Asakura-e6b6b
  • I think Every kid knows how to use one lol!
    rockboy333