On Sun, 03 Jul 2005 12:41:23 EDT, Ted Fischer said:

> >Go read this: http://65.246.255.51/rfc/rfc3675.txt
> >
> >And ask yourself (a) why did that URL work at all, and (b) whether censoring
> >via top-level domain is likely to work.
> 
>     As an interesting side note, my e-mail client (Eudora) helpfully popped 
> up the following message when checking the above URL:
> 
>          "The host, http://65.246.255.52/rfc/rfc3675.txt, is a numerical IP 
> address; most legitimate sites use names, not addresses."

Of course, if you're a subversive visiting the site *because* somebody with
jackbooted thugs has censored the DNS, said site probably isn't considered
"legitimate" by those in power....

And it's a hopeless task - blocking by DNS isn't workable, and even blocking
problematic sites by IP isn't workable.  It's pretty easy to show that if you
allow *any* traffic at all, there's covert channels available. Just take the
bandwidth of the pipe, treat the censorship as "noise" (the more heavy-handed,
the noiser), and work out the Shannon limit....

Attachment: pgpBELmSGMvkm.pgp
Description: PGP signature

Reply via email to