Censorware Exposed Again by Chris Oakes 3:00 a.m. 9.Mar.2000 PST If you buy software to filter smut from the eyes of Web-savvy children, you might expect it to catch a few innocent sites in its electronic net. But you may be surprised if over half of those sites being blocked are on the list for no good reason. That's what anti-"censorware" organization Peacefire says it proved when it decrypted a list of the thousands of sites blocked by I-Gear, Internet-filtering software from software firm Symantec. "It shows how far people are willing to go in censoring people under 18 without applying critical examination of the tools," said Bennett Haselton, 21, who founded Peacefire in 1996 to promote "free access for the Net generation." Since then, Peacefire has frequently made a point of poking holes in the strategy of filtering Net content from youthful eyes in homes, libraries, and schools. "If [Symantec] hadn't taken time to pay an intern $10 for an hour's time to do what I did, it means they didn't care enough to take the time to improve their product," Haselton said. What Haselton did was develop a software utility that could decrypt the list of Web addresses blocked by I-Gear. Using the software himself, Haselton examined the first 50 addresses blocked in the category of sites ending in the .edu domain. Ostensibly blocked by I-Gear under "pornography," Haselton said the majority of the blocked sites didn't begin to fit the description. Symantec said that posting the decrypting software and site information violates the end-user license agreement that comes with its software. The company has asked the ISP that hosts Peacefire's Web pages to remove the link to the Symantec information. That argument, if it went to court, could face the same legal questions of "reverse engineering" coming into play in lawsuits over a utility that enables allegedly illegal playback of DVD discs on Linux computers. An overall analysis of the blocked sites produced a 76 percent error rate for I-Gear, Haselton said. These sites included a student site showing an experiment in which the face of model Cindy Crawford morphed into the face of Claudia Schiffer, and parts four and six of an academic analysis of the decline and fall of the Roman Empire. Another blocked page included a lengthy text written entirely in Latin. Peacefire deemed such sites "obvious errors," but also included in its evaluation "marginal errors." Such sites included a satirical look at growing up, entitled "How To Get By When You're Just As Dumb As Everyone Else, But Uglier." The site contained "some profanity," Peacefire said, but was not "pornographic" as categorized by I-Gear. Symantec Vice President Arthur Courville said Peacefire is acting illegally. "It was making part of our software available to the public in a manner that it was not suppose to be made available," and that violates the company's trade secrets and copyrights, said Courville, who also is Symantec's general counsel. Neither Peacefire nor its ISP has acted on Symantec's request. Courville wouldn't say whether the company planned to pursue the matter further. In 1997, another filtering software company, Solid Oak, threatened legal action against Peacefire for similar actions against its CyberSitter software, but never followed up on the threat. As for the allegedly error-ridden list exposed by Peacefire's actions, Symantec said what should and shouldn't be included in a list is often a matter of opinion. "The I-Gear product is infinitely configurable, so the user can set that to exclude everything on filter list[s], use portions, add or subtract individual sites," Courville said. "So it's really up to the end user. "Whenever dealing with a subject that covers as wide range of what we're talking about here, there are areas that people are going to have different opinions about." The product has approximately two dozen subject categories, he said, including crime, drugs, finance, sex, and nudity. Liza Kessler, staff counsel at the Center for Democracy & Technology, said that if its work is valid, Peacefire has once again proven the risk parents and administrators take when they rely on software to monitor their children's Internet use. "If consumers want this stuff they need to be able to make informed choices about what they're getting," Kessler said. "If these companies are not being truthful and someone exposes underlying truths of what is being censored, that provides a lot of additional information to consumers." It's not realistic for a company to expect the end user to review every site for relevance to a blocking category, Kessler said. Courville admitted that mistakes are "possible," as the list is processed in a combination of human and automatic review. As for the blocked Latin page, Courville speculated that the software's language-translation capabilities may have found something in the Latin text that qualified it under the pornographic categorization. Haselton guessed that something may have been the high frequency of the Latin word "cum."