I've been gardening this approach for over 15 years, and these days anything that reaches my inbox is almost certain to be important.
I use procmail to filter my mail, but you can also achieve this with the mail filters of your reader. If you're using gmail, use their filter settings. If you're using MacOS, see Apple Mail's rules. If you're using Windows, go fuck yourself. (ht jwz)
- Use a good spam filter. I used to maintain my own, but I gave it up. I pay for pobox.com for their redirection and excellent spam filtering. Gmail is good too.
- If you join any mailing list, create a folder for it, and use the first message you get from the list to create a rule that sends all subsequent messages to that folder.
- People on your whitelist go straight to inbox (boss, spouse, friends)
- Any other automated email you receive goes to subfolders (I have folders 'alerts', 'bulletins', 'housekeeping', 'reports')
If something like this finds its way through to your inbox, rule it out. You could also give 'firstname.lastname@example.org' type addresses to each service you subscribe to, and filter on that.
- [optional] Anything from co-workers (mail from your domain, but not matching above 3 rules) to a folder named 'intray'
- If you have multiple addresses that all go to one mail server (e.g. catchall addresses for personal domains), create a subfolder for each. Anything not matching above rules, but to (or CC) a secondary address, goes into appropriate folder.
- Anything remaining goes to 'slopbucket'. This is mostly spam, and occasional true blind-CC
(Whitelist anyone who frequently blind-CCs you). This is also where new bulletins and alerts that you forgot to filter will land, and actual people who've never emailed you before.
A complete copy of my procmail rule file (~150 rules) is available courtesy of a procmail rule auto responder (email procmail at unixbigot.id.au with subject 'sendprocmail').
The remarkable take-home from my infrequent exposure to Facebook (et al.) is that the children of the 21st century (like my sister's kids) will grow up alongside a large database of photographs of them having metadata identifying each person in that photograph. Their parents' generation are also now retrospectively identifying the faces in their own photographs of themselves and their associates. Speeding the process up, Facebook now has automatic face tagging enabled by default. Apple's iTunes has had this feature for a few years already, as has Google's Picasa.
Secondly, the current crop of cheap-as-dirt point and shoot cameras has amazingly good and fast face detection. If there aren't already security cameras that can do "find the faces in this video feed, then quickly pan/zoom to frame and capture each face in turn", you can bet there will be real soon; casinos and pubs will be all over that, as will countries like Australia and Britain, plus every fascist dictatorship everywhere. Captured photos can then go to offline face-detection. Cellular phones are already effective tracking devices, but you can always leave your phone at home.
The final piece of the panopticon dropped into place with Apple's iCloud -- automatic uploading of photographs over wifi. You can bet pretty much every camera brought to market from now on will do this.
- Several massive databases of face-tagged photographs (Apple's, Google's and Facebook's)
- Most consumer cameras uploading pictures to the cloud in near real time
- Municipal face-harvesters (sorry, "safety cameras")
- Government access (overtly or covertly) to all of the above databases
You have crowdsourced real time tracking of EVERYONE and a near total database of their KNOWN ASSOCIATES, without governments having to legislate for it, or even issue identity cards. It wasn't necessary for the Evil League Of Evil to plan this, it just emerged from the market. And it's too late to get un-fucked.
False positives, the big point of failure in previous attempts at the face-scanning panopticon no longer matter so much; if you want to know who was at a given event, or where person X is now, the side channel data from cellphones and social connections can be used to winnow through the partial matches. If you have an 80% match for person X and also for 3 of their friends at one event, (or if their cellphone is known to be in the same general location) then the match can be confirmed without human intervention.
So, remember to wear your dazzle paint when you go out, OK?!
**** This file had errors that were repaired or ignored. **** The file was produced by: **** >>>> Acrobat Distiller 7.0.5 (Windows) <<<< **** Please notify the author of the software that produced this **** file that it does not conform to Adobe's published PDF **** specification.
Three of the spots closest to the train station are reserved for handicapped users. They're almost always empty.
The carpark is otherwise so full people have parked *on top of* people who've parked on the no-parking paintwork.
Now, since the distance to the actual station from the carpark is about six times the length of the entire carpark, including four flights of ramp, I'm sure the nonexistent handicapped users appreciate their priority parking.
Perhaps some of the car parks *right next to* the station at the top of the ramp could be designated disabled PnR?
When I worked in the filter industry ACMA added a handful of sites to the blocklist each week. During the same interval teenage boys at the schools that purchased the filter product I worked on managed to find HUNDREDS of new anonymous proxy servers each week.
2. The Darknet.
By the time Gummints notice a technology, it's old hat. The web is probably not what the kind of vile swill who seek kiddy pr0n even use any more.
We has it.
Filtering the web was barely feasible ten years back when this cockamamie idea was dreamed up. Nowadays you can get home broadband plans with TERABYTES. Filter that.
We live in a post-secrecy society. Remember what happened when the DVD CCA tried to supress a leaked encryption key?
Part 2 - Mrs Grundy Goes To Canberra
The Great Firewall is an instance of the time honoured
Military-Industrial-Hollywood-Complex tactic of getting the government
to legislate a market for your products. The anti-virus and "desktop
nanny" companies managed to get free money by convincing the previous
government to subsidise supply of their products. The compromise
reached on the Liberal government's attempts to filter the internet
was that ISPs were required to offer filtering software to
customers, paid for by government subsidy.
The network-level filtering firms saw this happening and wanted in at
the trough. During the Howard administration the idea was formed to
lobby for a national network-level porn filter, by bad-mouthing the
effectiveness of home firewalls and desktop filtering. When it became
apparent that the argument was not having an effect on the then
communications minister and department, and with an election due, the
industry instead focused its lobbying efforts on the then-opposition,
particularly shadow minister Stephen Conroy.
To give the industry some credit for not being complete crunts, they
were at least only lobbying for the same opt-in subsidy as was
available to desktop filter vendors. The mandatory single
filter part is as far as I know, Senator Conroy's own brainchild.
I want to focus on the "secret blacklist" today. Many people have
asked how we can trust the government to be allowed the power to
secretly block speech and publishing without oversight. For several
years I maintained a filter vendor's copy of the secret list, and I
can tell you firsthand about the feelings of trust this engendered.
A national filter of course requires a list of things to be filtered.
The national blacklist has been a reality for many years, born out of
the previous government's censorship legislation, as the ability to
block everything on it was a condition of eligibility for the subsidy
created by previous legislation. The list is maintained by the
Australian Communications and Media Authority (ACMA) under the the
Broadcasting Services Act of 1992. It is distributed to filter
vendors (both desktop and network) who build it into their products.
Typically a vendor has their own classification database which they
can block in addition to the mandatory list provided by ACMA. A
filter vendor may classify millions of URLs, far beyond the tens of
thousands on the ACMA list, and provide configurable levels of
blocking to subscribers.
Much of the content of the ACMA blacklist is child porn, a distressing
amount of it. I'm not talking about photos of girls soccer teams, or
even illicit upskirts, I mean pictures of little girls and boys with dicks
in their mouths (and worse). But the list is by no means all undeniably
vile. Some of it is mainstream adult sites. There's a smattering of
teen grossout sites. Some of it is drug or medical information. Some
of it is political speech. Some of it was listed for no reason I
But what is more concerning than the content of the list is the way it
was managed. Additions were sent out weekly, in plain email addressed
to a list of filter companies. There appeared to be no real process
for removals---instead the list would, once or so each year, be
"washed" and replaced with a new master list, then weekly additions
I did not observe evidence of coordinated intent informing additions;
I believe added URLs came purely from public complaints, and maybe
results of law enforcement investigations . There did not appear to
be any proactive plan for discovering material to be added to the
list. You or I could probably name a few famous sites we think would
be on the list but aren't.
Every week I would receive the list of added URLs, typically between
five and thirty new URLs each week. There was no set format to the
mail, sometimes it was text, sometimes it was HTML, sometimes with
protocol leaders, sometimes without. Font size was random and would
vary within the list. It appears that somebody was manually pasting
URLs into an email, resulting in haphazard spacing and formatting.
Automating the process of amending the vendor's copy of the blacklist
was quite a challenge.
The URLs themselves did not appear to be intelligently vetted or
canonicalised--a common mistake was a domain.name..with.double.dot.
Presence or absence of www. leaders or trailing slashes was
inconsistent. Often an entire domain was listed, but other times an
update would list just two or three pages at one site, but by no means
all the objectionable pages. Often URLs containing query strings, or
usernames, or denoting single media files were listed. URLs
representing search engine queries were listed.
It was only a requirement for compliant filters to block the
exact listed URLs, so if http://example.com?ref=othersite.cc
was listed, then http://example.com would remain unblocked.
Sometimes you would see http://ickysite.tld/ added, and then months
later several URLs of the form http://ickysite.tld/gross.jpg would be
The email always stressed that "the Australian Communications and
Media Authority has conducted an investigation into internet content
located at the following addresses" and that each of those URLs had
been reviewed and deemed to be "prohibited or potentially prohibited
content as defined by the Broadcasting Services Act 1992". The review
process however did not seem to extend to conscious thought.
The people maintaining this list either have no volition to modify the
URL in the complaint, or no clue what they are doing. Blocking the
userpage of a particular YouTube user, for example, does not block
their videos, which presumably are the actual objectionable content.
One update would selectively block three or four pages at a really
objectionable site, while another would block the entire domain of a
"mainstream" non-extreme adult site. Adult sites Redtube,
fleshbot, stileproject, youporn all received
a blanket block. But, and I am not making this up, ACMA
"investigation" revealed that only the single page
I do not know whether the behaviour I observed from ACMA was a
consequence of the constrained scope of the current opt-in blocking
legislation or prima facie evidence of incompetence. In either case I
am not inspired to trust ACMA one whit to do a comprehensive or
Aside from the political and moral justifications for or against
censorship, what Australian internet users are faced with here is
either submission to a capricious, incompetent and ineffective censor
that blocks content largely at random, or blind rubber-stamping of
any vaguely risqué URLs nominated by anonymous complainants.
Either of those alternatives is a nightmare.
In 2008 ACMA responded to concerns from filter vendors that their
distribution mechanism for this purportedly secret information was
insecure and too labour intensive. Their response was to switch to
emailing a password-protected ZIP archive (sometimes wrapped as
self-extracting-executable), and require filter vendors to reply
giving a cellular telephone number to which the password could be sent
They appeared genuinely baffled as to why a emailing .ZIP or .EXE
file, with password via SMS was not acceptable to vendors as a
"security" solution. Never mind that neither of those technologies is
even vaguely secure, as a professional business communication
procedure it is laughable. Briefcases in the park would be preferable(*).
Handing ACMA any more power than they already have is putting the
Village Idiot in charge of the nuclear power plant.
Next time I want to talk about why a national filter cant work no
matter what URLs are added to any lists.
* To their credit I understand that, shortly after I left the industry
in 2009, ACMA consulted with vendors and chose a new distribution
method involving modern web protocols.
Part 1 - the decisive battle was yesterday
You will have heard that the Australian Government has shelved it's
plans to introduce a mandatory "Great Firewall", and that while an
Independent review proceeds certain ISPs will voluntarily block a
short list of undeniably vile child pornography URLs.
This is not good news.
I worked in the filtering industry for six years. I was a senior
engineer at a company that sold network-level filters to schools
and businesses, one of the companies that whispered poison in Conroy's ear
while the current government was in opposition, having failed to sell
the idea to then-minister Coonan. I maintained my then-employer's
copy of the Secret Blacklist, updating it weekly with the latest
additions (almost never removals) from ACMA.
The Biggest asset that anti-censorship campaigners have had is that
the ISPs in general did not want be censors. They couldn't be arsed
being the government's stooge, it gets in the way of rampant profit.
The ISPs have maintained that filtering web traffic is in fact
technically impossible, and that any attempt to achieve it would
hopelessly degrade internet experience to third-world levels.
(The argument of impossibility has always been a little bit bullshit,
since cheapskate ISPs are happy to deploy caching transparent proxies
to save money, and in reality a practical caching proxy is only a
tiny tweak away from a filter.)
As for the performance issue, its my experience from actually
writing code to filter web traffic that the further you put the
filter from the users, the slower and less effective it is.
Households that want a filtered feed should seek firewall or
local-loop provider solutions.
For the biggest top-tier ISPs in the country to suddenly announce they will
"Voluntarily" filter a list of child-abuse sites represents a massive
about-face on their part. I can only wonder what sort of leverage the government
has exercised to force this concession.
I'm dismayed by this "victory" on filtering because:
- its an attempt to avoid having censorship debate during the election
- paradoxically, after the election, whichever party wins can claim a
"mandate" to implement their version
- if the ISPs can filter a list of hundreds of sites successfully, then the
infrastructure is already in place for them to be later compelled to filter
- worst, the users who will be "consulted" on whether the filtering has
an "acceptable impact" are going to be Telstra and Optus customers(!) I'm not
sure the undiscriminating dopes who put up with Big Telco service
would know a millisecond from a millipede. I expect some grandma from Dubbo
whose Windows95 box and 33k6 modem are just as "snappy"
as ever will be "proof" that the filter "works fine".
So don't treat a "review" as anything but a sneak-attack, and do keep this issue hot during the election.
Next post I want to talk about my assessment of the arguments for and
against the filter, and after that examine the technical issues of
actually implementing it, and share some of my experiences from my years
in the filtering industry.
Dear Whatever Crazy Fuck Originated This Plan: "Taxes pay for services" was the bullshit governments used to sucker us into paying taxes in the first place, remember? "Social Contract" ring any bells?
You want to welch on the services? Fine, I'm not paying any more taxes.
See how you like supporting your crack habit by sucking dicks in an alley, instead of embezzling from the public trough.
- Current Mood: grumpy