Big Brother Awards
quintessenz search  /  subscribe  /  upload  /  contact  
/q/depesche *
RSS-Feed Depeschen RSS
Hosted by NESSUS
<<   ^   >>
Date: 1999-09-28

Internet/filter & warum sie nicht funktionieren

-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

Kristian und Marit Köhntopp [] über Versuche, das
globale Spektrum im Netz vertretener menschlicher
Ausdrucksweisen & Kulturformen in ein paar lächerliche
Kategorien zu pressen. Zweck sind die Vor/selektion, die
Eingrenzung, die Abschottung - Merkmale eines
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

Why Internet Content Rating and Selection does not work

Version 1.2 (Released 26-Sep-1999)

by Kristian and Marit Köhntopp

Content rating models such as PICS have been proposed as
a solution to the problem of unwanted, harmful or prohibited
content on the Internet. This document
contains a number of Theses which support the claim that
any Internet Content Rating and Selection (ICR&S) scheme
including PICS cannot work as advertised.

To our knowledge, most of the problems and objections here
have not been addressed by PICS or any other ICR&S

Identifying the parties involved

This section tries to identify the parties involved in the
process of running and rating the web and their roles (see
below to understand why we concentrate on the
web). In small installations, a single person may impersonate multiple roles.

Server side roles

The content provider is the role which is responsible for all content of a document. Often the content provider is the creator of a document, but on the Internet it
is common that a content provider only provides means to create content, and does not actually create the content on a site. Examples are discussion boards,
search engines, live video feeds, and similar installations. Depending on the size of this content, it is entirely possible that the content provider does not have direct
knowledge of all content on a site and that much content on a site is not reviewed nor endorsed by a content provider.

The presence provider or web hoster provides the means to serve this content to the Internet by running the machines, the server software, and maintaining a
network connection.

Recipient side roles

An access provider runs the systems and network connections for the recipient of content. For small office and home use, this is currently often a dial-up service,
a proxy server, and similar hard- and software.

The recipient is either a person to be protected against harmful content, or an adult, which still should be able to access harmful, but not prohibited, content. The
recipient's hard- and software is maintained by system services which is a separate department in a school or library situation, in an Internet Cafe, or within a
company. The recipient's system may be a single system or a network of systems with proxy servers and intranet servers.

Internet Content Rating and Selection (ICR&S) roles

Developers of rating systems define the dimensions of a rating system and create rules how to apply values along these dimensions to content. They promote
their rating systems so that they become popular and are widely used.

A rating service will apply the rating system and the rules
that come with it to create ratings. These ratings, an identifier
for the rated content, a date, an identifier
for the rating source, and additional information (i.e. a
checksum against the rated content and a digital signature)
are collected to form a content label.

Content filter vendors create software which can regulate
access to content, depending on local settings (filtering
rules) and content labels.

Content filter control is often exercised by the party who
controls a machine, that is, the adult party in a household,
the dean of a school, the directorate of a
library, and so on. These filter settings are then deployed,
often by system services mentioned above, sometimes by an
access provider located upstream.

Attackers may be content providers, recipients, or other
parties who want to communicate outside of the control of a
filtering system.

Methods for content selection

Principle of Operation

The basic idea behind Internet Content Rating and Selection
is to attach a kind of machine readable description, called a
Content Label, to all Internet Content.
The Content Label contains a set of ratings which make up a
formal description of the rated content in a formally specified
system of ratings. Finally, the recipient
has to have a filtering mechanism before or on the recipients
machine which allows or intercepts reception and display of
requested content depending on the
Content Label and some local configuration.

Taxonomy of Rating Systems by Source of Rating

The Content Labels may be provided by different parties. In
Third Party Rating, a party that is neither the recipient nor the
sender creates content labels and
distributes them via a Label Bureau. Third Party Rating
requires a method to uniquely identify content components,
and Third Party Rating cannot be finer grained
than this identification system. Currently, all identification
systems are URL-based which implies that all Content
Labels refer to either URLs or coarser grained
objects (such as subtrees of a web server or an entire site).

In Second Party Rating, the recipient provides ratings and
shares them with other recipients. This is sometimes referred
to as a Community Rating process. Since
the sharing of ratings again involves a Label Bureau, for the
purpose of this discussion Third Party Rating and Second
Party Rating can be treated alike.

First Party Rating is different because here the sender
provides a Content Label with the content itself. Usually, this
label is embedded into the content or sent with
the content. A Label Bureau is not needed in this context.

Taxonomy of selection mechanisms by point of interception

The selection process at the recipients end can either be
implemented directly on the machine of the recipient, or it
can be part of a proxy solution upstream of the
recipients computer. In the latter scenario, the selection
process will not happen on a machine controlled by the
recipient and it is much more difficult to manipulate
by the recipient. A proxy-based selection requires that the
recipient is forced to use this particular proxy to be able to
access content at all (otherwise the recipient
could elect not to use a proxy at all or to use a different
proxy) and that the content can be identified and read by the

-.- -.-. --.-
Fuer Lauschangreifer, Spitzelfirmen, Datenhaendler,
gestzlich ermaechtigte Ueberwacher
Reichen Sie Ihre Nominierung ein:
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by
published on: 1999-09-28
comments to
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<   ^   >>
Druck mich


Eintritt zur Gala
sichern ...

25. Oktober 2023
Big Brother Awards Austria
q/Talk 1.Juli: The Danger of Software Users Don't Control
Dr.h.c. Richard Stallman live in Wien, dem Begründer der GPL und des Free-Software-Movements
bits4free 14.Juli 2011: OpenStreetMap Erfinder Steve Coast live in Wien
Wie OpenStreetMaps die Welt abbildet und was ein erfolgreiches Crowdsourcing Projekt ausmacht.