Re: CWD -- Jacking in from the "Keys to the Kingdom" Port
-----BEGIN PGP SIGNED MESSAGE----- At 12.10 AM 7/3/96 -0500, Declan McCullagh wrote:
CyberWire Dispatch // Copyright (c) 1996 //
Install the programs and Junior can't access porn. No fuss, no muss, no bother. "Parental empowerment" is the buzzword. Indeed, it was these programs that helped sway the three-judge panel in Philly to knock down the Communications Decency Act as unconstitutional.
I've wondered .. could a creative child circumvent these filter programs using a URL-redirecter, like where you see something like http://www.one.site.com/cgi-bin/rd?http://www.porno-site.com/ or are they not URL-based? =============================================================================== David Rosoff (nihongo o sukoshi dekiru) ----------------> drosoff@arc.unm.edu For PGP key 0xD37692F9, finger drosoff@acoma.arc.unm.edu 0xD37692F9 Key fingerprint = 25 7D AA 01 85 41 43 89 50 5A 33 76 F1 F1 99 67 Do you know who's reading your email? ---> http://www.arc.unm.edu/~drosoff/pgp/ Anonymous ok, PGP ok. If it's not PGP-signed, you know that I didn't write it. === === === === === === === === === === === === === === === === === === === === "Truth is stranger than fiction, especially when truth is being defined by the O.J. Simpson Defense Team." -Dave Barry -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMdqkPhguzHDTdpL5AQG77QP7B6oJR9SOeJYyTP9fnad+Yn/fA/ZObaf3 szA2m9Sytxslfd/Juu19KfTTTjncE7dHMBnq6PuyouKD5jwkTnncnXNe7R2Tgjp8 SdVpyUUdFz++lLdBQ1WYos+eCU2QaGqsYe5+79MkHhFOk1XOhAH8zX5hG9kwuO+q 8C9/wuf6ZyU= =NfcF -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- An entity claiming to be David Rosoff wrote: : : I've wondered .. could a creative child circumvent these filter programs : using a URL-redirecter, like where you see something like : http://www.one.site.com/cgi-bin/rd?http://www.porno-site.com/ : or are they not URL-based? I would assume that the filters look for regexp's in the query string, too. How about a nice little Nutscape plugin that uses a rot13'd query string? http://www.one.site.com/cgi-bin/sneaky-rd?uggc://jjj.cbeab-fvgr.pbz/ Hmmm, no bad words in the query string. Of course the filter package would start looking for rot13'd stuff in the next release. So the next logical step is to use the URL encrypted with the redirector's public key ... or better yet, a dynamically generated key. Just convert it to radix64 so as to avoid ?'s &'s or ='s, and use that as the query string. The plug-in would only be necessary to generate the first request. Any URL preparation could be handled by passing the output of netcat through a stream filter before sending it to the client. Now, if I can get the time, maybe I will write a nice little redirector to do this. (hehehehehehe ... right ... get the time ... good one) mark - -- Mark Rogaski | Why read when you can just sit and | Member GTI System Admin | stare at things? | Programmers Local wendigo@gti.net | Any expressed opinions are my own | # 0xfffe wendigo@pobox.com | unless they can get me in trouble. | APL-CPIO -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMdrXDQ0HmAyu61cJAQEZXwP/bSI1tqQH/BCXXWPHhIp9Waq/A22ozyKf W0iL3zveQWbmirXd5RYtxoo+v8jTFmv+SOIUKrI+n7WKTmFoj1TtzMf8zTYTz/KW aZ2NK/PddgSqq4mjQEaxufMqvbG8lE/+Cu6GePo8UkFmkd7hSnNQA5sVv/kaTD47 5xVQCwkEwnc= =traT -----END PGP SIGNATURE-----
On Wed, 3 Jul 1996, Mark Rogaski wrote:
I would assume that the filters look for regexp's in the query string, too. How about a nice little Nutscape plugin that uses a rot13'd query string?
Do you have a copy of that plugin? If it exists.
http://www.one.site.com/cgi-bin/sneaky-rd?uggc://jjj.cbeab-fvgr.pbz/
Hmmm, no bad words in the query string. Of course the filter package would start looking for rot13'd stuff in the next release. So the next logical step is to use the URL encrypted with the redirector's public key ... or better yet, a dynamically generated key. Just convert it to radix64 so as to avoid ?'s &'s or ='s, and use that as the query string.
The plug-in would only be necessary to generate the first request. Any URL preparation could be handled by passing the output of netcat through a stream filter before sending it to the client.
That "creative child" would have to be pretty damn smart to do what you described. Ryan A. Rowe - Montreal, Quebec /Seeking Internet-related job!/ aka CyberEyes, Rubik'S Cube I will relocate _ANYWHERE_. Tel. -> +1-514-626-0328 | __o o E-Mail -> cyberia@cam.org | _ \<_ <\ WWW -> http://www.cam.org/~cyberia | __/\o_ (_)/(_) /> IRC -> #CAli4NiA, #Triathlon, #Surfing | FTP -> ftp.cam.org /users/cyberia | swim bike run Read my C.V. at http://www.cam.org/~cyberia/resume-e.html "In lieu of experience, I have a willingness to learn." "Everyone has their day, mine is July 15th, 1998."
-----BEGIN PGP SIGNED MESSAGE----- On Wed, 3 Jul 1996, David Rosoff wrote:
At 12.10 AM 7/3/96 -0500, Declan McCullagh wrote:
CyberWire Dispatch // Copyright (c) 1996 //
Install the programs and Junior can't access porn. No fuss, no muss, no bother. "Parental empowerment" is the buzzword. Indeed, it was these programs that helped sway the three-judge panel in Philly to knock down the Communications Decency Act as unconstitutional.
I've wondered .. could a creative child circumvent these filter programs using a URL-redirecter, like where you see something like http://www.one.site.com/cgi-bin/rd?http://www.porno-site.com/ or are they not URL-based?
If the child is creative enough, he will be able to boot DOS from a bootdisk and remove the line from config.sys that starts up the filtering software. - -- Mark =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= markm@voicenet.com | finger -l for PGP key 0xe3bf2169 http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348 "Freedom is the freedom to say that two plus two make four. If that is granted, all else follows." --George Orwell, _1984_ -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQCVAwUBMdr7NLZc+sv5siulAQERvQP/YyzeV1YtbR0ba0RkiosU/r6kzDDJeDSc OllJ4dAwlRAvJgNdlbX0aa0pQ47e7QNDu6yZsUv2j1MfJSvVcNlMLIWIaWP0lEvJ 4L+Oedxearr6fSwjgDa40Tv+/hWC3qwV7QHLKriRuyQxDE7nWbz8wMl2G1i91rAg a5dD8JrALeg= =RucL -----END PGP SIGNATURE-----
On Wed, 3 Jul 1996, Mark M. wrote:
On Wed, 3 Jul 1996, David Rosoff wrote:
I've wondered .. could a creative child circumvent these filter programs If the child is creative enough, he will be able to boot DOS from a bootdisk and remove the line from config.sys that starts up the filtering software.
Even more creative kids will find the Dos-based web browser that bypasses whatever is in the config.sys file, that is supposed to prevent them from seeing those "naughty" websites. xan jonathon grafolog@netcom.com AOL coasters are unique, and colourful. Collect the entire set.
See the sig at the end. -ota ---------- Forwarded message begins here ---------- Date: Thu, 4 Jul 1996 08:41:35 +0000 (GMT) From: jonathon <grafolog@netcom.com> To: "Mark M." <markm@voicenet.com> cc: David Rosoff <drosoff@arc.unm.edu>, Declan McCullagh <declan@well.com>, cypherpunks@toad.com Subject: Re: CWD -- Jacking in from the "Keys to the Kingdom" Port On Wed, 3 Jul 1996, Mark M. wrote:
On Wed, 3 Jul 1996, David Rosoff wrote:
I've wondered .. could a creative child circumvent these filter programs If the child is creative enough, he will be able to boot DOS from a bootdisk and remove the line from config.sys that starts up the filtering software.
Even more creative kids will find the Dos-based web browser that bypasses whatever is in the config.sys file, that is supposed to prevent them from seeing those "naughty" websites. xan jonathon grafolog@netcom.com AOL coasters are unique, and colourful. Collect the entire set.
On Thu, 4 Jul 1996, jonathon wrote:
Even more creative kids will find the Dos-based web browser that bypasses whatever is in the config.sys file, that is supposed to prevent them from seeing those "naughty" websites.
I think you're talking about Lynx. If you are, they'd need a shell account to access it. Most ISP's like AOL, CompuServe, Prodigy, and others don't offer that. They'd also have to set it up through a communications program in DOS. Anyways, if you're NOT talking about Lynx, what DOS-based Web browser is there? Ryan A. Rowe - Montreal, Quebec /Seeking Internet-related job!/ aka CyberEyes, Rubik'S Cube I will relocate _ANYWHERE_. Tel. -> +1-514-626-0328 | __o o E-Mail -> cyberia@cam.org | _ \<_ <\ WWW -> http://www.cam.org/~cyberia | __/\o_ (_)/(_) /> IRC -> #CAli4NiA, #Triathlon, #Surfing | FTP -> ftp.cam.org /users/cyberia | swim bike run Read my C.V. at http://www.cam.org/~cyberia/resume-e.html "In lieu of experience, I have a willingness to learn." "Everyone has their day, mine is July 15th, 1998."
On Fri, 5 Jul 1996, CyberEyes wrote:
NOT talking about Lynx, what DOS-based Web browser is there?
Net-Tamer. Requires a PPP connection, and precious little else. xan jonathon grafolog@netcom.com AOL coasters are unique, and colourful. Collect the entire set.
On Wed, 3 Jul 1996, David Rosoff wrote:
I've wondered .. could a creative child circumvent these filter programs using a URL-redirecter, like where you see something like http://www.one.site.com/cgi-bin/rd?http://www.porno-site.com/ or are they not URL-based?
The child would also be able to use the Anonymizer at http://www.anonymizer.com. But, is it that easy to redirect? Just type that little rd command? What others are there? I've seen < and > in use, what do they perform? Ryan A. Rowe - Montreal, Quebec /Seeking Internet-related job!/ aka CyberEyes, Rubik'S Cube I will relocate _ANYWHERE_. Tel. -> +1-514-626-0328 | __o o E-Mail -> cyberia@cam.org | _ \<_ <\ WWW -> http://www.cam.org/~cyberia | __/\o_ (_)/(_) /> IRC -> #CAli4NiA, #Triathlon, #Surfing | FTP -> ftp.cam.org /users/cyberia | swim bike run Read my C.V. at http://www.cam.org/~cyberia/resume-e.html "In lieu of experience, I have a willingness to learn." "Everyone has their day, mine is July 15th, 1998."
participants (6)
-
CyberEyes -
David Rosoff -
jonathon -
Mark M. -
Mark Rogaski -
Ted Anderson