Technology Blog

Regarding my previous posting, here’s a
the exchange that went down last night, edited for HTML and to remove
excessive inclusion of old text.

For some reason, the word arbitrary is stuck in my head, but I
can’t fault the speed of their (admittedly faintly impersonal-feeling)
response, or their apparent willingness to accomodate my (erm)
attitude.

The below definitely does drive home a requirement to demand
complete clarity regarding Websense’s position, since just because a
“website” is categorised in one matter does not apparently mean that
they change classifications for other sub-directories.

Perhaps more people should contact them requesting justification when
such blocks are encountered?

Note also, the apparent Power of Google!

Response 1:

From: databasechange@websense.com

Subject: RE: Suggest a Change to the Websense URL Database

Date: 14 December 2004 00:50:08 GMT

To: alecm@…

Hello,

Thank you for writing to Websense.

The site you submitted has been reviewed. We have changed the
categorization for http://www.crypticide.com/users/alecm/ to
Personal Websites. The update should be available in the next
publication of the database.

Thank you for your assistance.

The Websense Database Services Staff

Challenge 2:

From: alecm@…

Subject: Re: Suggest a Change to the Websense URL Database

Date: 14 December 2004 00:51:51 GMT

To: databasechange@websense.com

Thank you for your assistance.

Thank you for your prompt response; will that also apply to all other subdirectories, please?

-alec

Response 2:

From: databasechange@websense.com

Subject: RE: Suggest a Change to the Websense URL Database

Date: 14 December 2004 01:01:34 GMT

To: alecm@…

Hello,

Thank you for writing to Websense.

We have also classified
http://www.crypticide.com/users/alecm/download/ under the category
Freeware/Software Download and
http://www.crypticide.com/users/alecm/security/ under Hacking.
All other subdirectories should be correctly filtered under
Personal Websites.

Thank you for your inquiry,

The Websense Database Services Staff

Challenge 3:

From: alecm@…

Subject: Re: Suggest a Change to the Websense URL Database

Date: 14 December 2004 01:14:01 GMT

To: databasechange@websense.com

Hello again! Thank you once more for your prompt response to my last mail.

We have also classified
http://www.crypticide.com/users/alecm/download/ under the category
Freeware/Software Download and
http://www.crypticide.com/users/alecm/security/ under
Hacking. All other subdirectories should be correctly filtered
under Personal Websites.

Putting “www.crypticide.com/users/alecm/security/” under “Hacking”? As
opposed to “Security”?

Given that the software therein is all academically/educationally
oriented, including what is considered the world’s defacto Unix
Password Integrity tester, as evidenced by many of the links in the
following:

http://scholar.google.com/scholar?q=alec+muffett&ie=UTF-8&oe=UTF-8&hl=en&btnG=Search

…although some better software does now exist, I would appreciate it
if you could kindly explain why it is that you would justify
describing that directory’s content as “Hacking” as opposed to “IT
Security”?

Such would be of great interest to myself, in both professional and academic capacities.

Many thanks,

- alec

Response 3:

From: databasechange@websense.com

Subject: RE: Suggest a Change to the Websense URL Database

Date: 14 December 2004 02:25:58 GMT

To: alecm@…

Hello,

Thank you for writing to Websense.

We have changed the categorization for
http://www.crypticide.com/users/alecm/security/ to
Freeware/Software Downloads. The update should be available in
the next publication of the database.

Thank you for your assistance.

The Websense Database Services Staff

[Comment Link for RSS]

source: Conversations with Websense

Extract from e-mail, follows. I am being polite, to see how far it
gets me. I find the below-cited issue with stemming - viz: that
multiple versions of the same URL, distinct by merely a trailing
slash, are treated differently - I find that rather annoying.

More updates will be posted as/when the situation warrants.

Subject: Re: Suggest a Change to the Websense URL Database

Date: Mon, 13 Dec 2004 20:56:16 +0000

To: “Websense DB Update” <databasechange@websense.com>

Hello again!

In March 2004 I wrote to you, explaining that my website had been
miscategorised by Websense; you speedily corrected the matter, and I
attach a copy of your response to me, below.

I have once again begun to receive reports from friends that my
website is oddly categorised - it appears that many subdirectories of
my website still beat the designation of “Hacking”, as opposed to
“Computer Security” - or, indeed, “Pictures of Alec’s Friends” which
some of them are.

For instance: here are the results of three separate lookups that I
have just performed, using the tool at
[www.websense.com] - note that the first two
URLs differ only in that the second has a trailing “slash”:

Products > Resources > Site Lookup Tool

Results for http://www.crypticide.com/users/alecm

URL: http://www.crypticide.com/users/alecm

Category: Computer Security <———- GOOD: SECURITY RESEARCH!

Database version: 92160

Database date: 07 Dec 2004

Product used: Websense Enterprise v5.1

Products > Resources > Site Lookup Tool

Results for http://www.crypticide.com/users/alecm/

URL: http://www.crypticide.com/users/alecm/

Category: Hacking <———– BAD: HACKING? FOR THE SAME URL?

Database version: 92160

Database date: 07 Dec 2004

Product used: Websense Enterprise v5.1

Products > Resources > Site Lookup Tool

Results for http://www.crypticide.com/users/alecm/albums/

URL: http://www.crypticide.com/users/alecm/albums/

Category: Hacking <——————— BAD: HACKING?

Database version: 92160

Database date: 07 Dec 2004

Product used: Websense Enterprise v5.1

I would be grateful therefore if you would kindly PURGE ALL references
for crypticide.org and crypticide.com from your database, so that we
can start over again, classifying it - if you classify it at all - as
a security research site.

[…deletia…]

[Comment Link for RSS]

source: Websense are blocking me, again…

For those 1000+ developers coming to Javapolis next week, please do drop by the Atlassian booth and say G’day. Scott and I will both be there giving JIRA and Confluence demo’s (mention this shameless plug and we might even buy you a beer ;))

I’m a bad boy, I still haven’t finished my presentation - I’m not even really sure what it’s supposed to be on. The topic is so broad (“Open Source Java”). I suppose I did write a book called “Open Source Java Programming”, so I’ll start from that!

On the topic of history repeating itself, I’d like to draw every Englishman’s attention to my favourite quote of the week (from the Fitz Files in today’s SMH) - Derek “Robbo” Robson from the BBC Sports website:

Nowadays we [English] fools are forced to sit through humiliation after humiliation as a bunch of superfit, sunscreened larrikins make our boys look like ninnies. Jonny’s drop goal was just a blip. We can counter that there’s more culture between the average working man’s toes than there is in Australia, but who wouldn’t swap William bleeding Shakespeare for a Darren Lockyer? Or a nice looking church like St Paul’s for a Glenn McGrath? I bloody would. So what’s the answer? Present the current British prison population with as much sporting equipment as jumanly possible, in the hope that history repeats itself…”

Absolutely hilarious. Amazing how riled up those Pom’s get when they lose at sport isn’t it?

(BTW I’m in London next week - if anyone wants a JIRA or Confluence demo, or a beer, or to talk about classic Australian sporting victories, please do let me know ;))

This post was written by Mike, source: Belgium, Javapolis and the Poms lost - history repeats itself…

I always find draft legislation amusing; in this case I am sure my
friends in the Police would be reasonably happy with the proposal
because their view of the law seems to be “that which you exercise
in order to nick someone who needs nicking” - rather than the
cause-and-effect, behaviour-changing “absolute” law in which Daily
Mail readers seem to believe… but nonetheless:

[www.spy.org.uk]

Identity Card Bill - 10 years in jail for going on strike or accidentaly causing a systems crash ?

We will have a lot more to say about the newly published Identity
Card Bill, but if you are a Civil Servant, a Trades Unionist or an
IT Contractor you should be very worried by:

31 Tampering with the Register etc

“(3) For the purposes of this section the cases in which conduct
causes a modification of information recorded in the Register
include-

(a) where it contributes to a modification of such information; and

(b) where it makes it more difficult or impossible for such information
to be retrieved in a legible form from a computer on which it is
stored by the Secretary of State, or contributes to making that
more difficult or impossible.”

[…]

Presumably this is the Home Office’s amateur attempt at drafting some
infinitely wide power to cope with Denial of Service attacks on the
National Identity Register systems.

However, this also seems to be threatening any Civil Servant or IT sub
contractor with up to 10 years in jail if they are engaged in
Industrial Action such as a Strike or a Work To Rule etc. !

It also would also penalise IT disasters such as the recent loss of
service caused by a software upgrade etc. at the Department for Work
and Pensions. […]

[Comment Link for RSS]

source: 10 years in jail for going on strike or accidentaly causing a systems crash?