![[Bytes Link logo]](../../../cgif/bytelnk2.gif)
Why I Did It
by By Matthew Skala — Big Blue and Cousins www.bbc.org/jun00nl/skala.htm., , editor@bbc.org - June 16, 2000 at 12:02:08:
Many of my friends were surprised when Mattel, Inc., and their subsidiary Microsystems Software, sued me and a Swedish colleague for alleged copyright infringement. I have a reputation for helping computer beginners and setting a high ethical standard. Why would I help “break” a piece of software designed to protect children from dangerous ideas? In this article I’ll try to answer that question.My local user group, BB&C, actually deserves a good measure of credit or blame for my activities. I joined when I was 10 years old, and immediately started using the club’s bulletin board system (BBS). On the BBS, nobody had to know that Matthew Skala was 10 years old unless I chose to tell them. Prejudiced people who would never dream of conducting a serious discussion face to face with someone my age, were perfectly willing to give me all the respect my ideas could command, in the electronic realm.
There aren’t many other places where our society treats children as fully human. About the only other public place I could count on a little respect was the public library. Naturally, I grew up with a lot of respect for the written word. Over 13 years of writing messages on a daily basis on the BB&C, BBS, and Usenet when it became available, I’ve had a lot of practice in expressing my ideas in words. My experience on the BBS may have something to do with the high grades I’ve always gotten in English, and the recognition I’ve received for my writing in various places.
I think I’m a better person for having been able to use computer networks as a child without any restrictions. Anyone who tried to tell me I couldn’t have full access because of my age would have been doing me a grave disservice. If I’d been limited to a “suitable for children” subset of the online universe, it would have been worthless to me.
So whenever someone suggests that we ought to limit what children can see on the Net, my fingers itch, and I reach for my keyboard. Many of my peers in the computing community had childhood experiences similar to mine. There are a lot of people who believe that it’s a good thing for children to have unrestricted access to the Net.
But one of the bad things about allowing the general public onto the Net is that the general public includes some people you really wouldn’t want to meet. I’m especially unhappy about the fact that we ever allowed advertisers onto the Internet, but other people have been making noises about pornography and hate literature. Everyone agrees that there are things on the Net that they don’t like.
That’s where “parental control” or “censorware” packages like Cyber Patrol come in. These packages are based on lists of forbidden Web sites; if you try to visit a Web site that’s on the list, you’re prevented from doing so. These systems promise to technologically solve the human problem of undesirable material on the Net.
This kind of claim seems to be based on the idea that ideas have a life of their own that can harm people’s mental health in the same way that a biological virus could harm people’s physical health. That seems to be the basis for protecting children from the Internet. It’s obvious that the computer isn’t about to explode and kill your kid—but could something more insidious happen?
I’d take the biological analogy one step farther. If you want to protect someone from infection, do you do it by keeping them in a sterile plastic bubble? People raised in such environments fail to develop normal immune systems. Someone in quarantine like that often dies from an infection that a normal person would have resisted. Children grow up eventually. Do you want them to grow up with functioning immune systems?
In just the same way, I believe that “protecting” children from “harmful” ideas hurts them. Much better to let them develop the critical thinking skills, the mental immune system, that can only derive from exposure to the complete range of human thought.
For people who disagree with my view, it may seem attractive to buy a computer program that will relieve parents the irksome necessity of paying attention to their children. I suppose people have a right to disagree with me, and parents even have a right to use this software. But I believe I have the natural right to look critically at any idea that comes my way. I have the right to take things apart and see how they work.
It’s especially interesting to take censorware packages apart. Censorware packages are a good challenge; they’re usually designed to resist analysis because the manufacturers consider their lists of “harmful” Web sites to be valuable secrets. There are documented cases of censorware companies copying each others’ blocking lists without permission, or hiding political agendas in their software. Anyone who wants to have an informed debate on the topic of censorware will benefit from knowing exactly what the software blocks. There is also a consumer protection angle. Parents who might buy censorware have a right to know what they’re getting.
Maybe it’s okay for private individuals to buy censorware without knowing what they’re getting. But these packages are marketed aggressively to schools and libraries. With censor-ware in a school or library, the software publisher is setting policy for a public institution. Because the blocking list is secret, the teacher or librarian can’t even find out what policy is being enforced.
The first censorware break I remember was brought to public attention by Bennett Haselton, of Peacefire. He published a way to break the embarrassingly weak encryption used by CYBERsitter. Its list of forbidden pornographic sites included www.now.org, the National Organization of Women. CYBERsitter retaliated for Haselton’s criticism by adding his organization to its block list. In fact, a later version of CYBERsitter would actually scan the user’s browser history, and refuse to install (with a mysterious error message) if the user had recently visited the Peacefire Web site.
Last year I encountered an article called The Reversal of NetNanny, written by a programmer in Sweden named Eddy Jansson. The NetNanny essay took a tutorial approach, giving details of the steps involved in analyzing the software. Eddy’s NetNanny essay drew a lot of favorable comment from people who teach computer programming; reverse engineering is an important skill for computer programmers. There’s even a reverse engineering research group at the university I attend.
In late January of 2000, Eddy Jansson invited me to help with his project of reverse engineering Cyber Patrol. We worked together on Cyber Patrol for about six weeks, eventually finding holes in virtually all of its security features. We also found some questionable entries on the block list. We posted an essay on the Web called The Breaking of Cyber Patrol(R) 4, and the rest is history. For the complete story, please check out http://www.islandnet.com/~mskala/cpbfaq.html
Matthew Skala is a graduate student in Computer Science at the University of Victoria, Victoria BC Canada. He is the winner of a prestigious Natural Sciences and Engineering Research Council of Canada scholarship. He is also the Systems Director of Big Blue and Cousins and the Secretary of the Victoria Linux Users Group. This article is brought to you by the Editorial Committee of the Association of Personal Computer User Groups (APCUG), an International organization to which this user group belongs.
![[------STRIPE-----]](../../../cgif/str1.gif){kind=small}
Site Disclaimer Suggestions? E-Mail to webmaster@noccc.org