Today saw news that the Australian Communications and Media Authority (ACMA) had its blacklist URLs leaked on Wikileaks, a website often known for leaking secret documents.
The Sydney Morning Herald reported it exclusively at 11:44am this morning, stating that:
“The Australian communications regulator’s top-secret blacklist of banned websites has been leaked on to the web and paints a harrowing picture of Australia’s forthcoming internet censorship regime.”
In less than an hour after publication, Wikileaks published some 2,000+ URLs to its website stating they were blacklisted URLs in Australia for the month of August 2008. Wikileaks is currently offline, suggesting it fell on its back after being linked to from various sources.
Late this afternoon Senator Stephen Conroy and the ACMA issued 2 separate statements regarding the matter.
Senator Stephen Conroy, Minister for Broadband, Communications and the Digital Economy condemned the reported leak and publication of the list, stating:
“The leak and publication of prohibited URLs is grossly irresponsible. It undermines efforts to improve cyber–safety and create a safe online environment for children,”
He denied that the list of leaked URLs was that of the ACMA Blacklist, stating:
“I am aware of reports that a list of URLs has been placed on a web site. This is not the ACMA blacklist.”
ACMA said in a statement:
“ACMA has previously investigated and taken action on material—including child pornography and child sexual abuse images—at some of the sites on this list of 2300 URLs. However, the list provided to ACMA differs markedly in length and format to the ACMA blacklist. The ACMA blacklist has at no stage been 2300 URLs in length and at August 2008 consisted of 1061 URLs. It is therefore completely inaccurate to say that the list of 2300 URLs constitutes an ACMA blacklist”
What remains to be seen is if the regulator’s official blacklist was in fact leaked. What is known though is that a blacklist of some sort relating to URLs that do exist on the ACMA blacklist list was leaked. One has to ask how such a leak occurred.
Mark Newton, a Network Engineer for Adelaide based ISP Internode told Tech Wired:
“It’s interesting that I’ve been warning about security of the blacklist for close to a year, and it’s only today that the Minister has shown the slightest bit of interest in it. The fact that the blacklist appears to have come from an ACMA-approved filtering software package comes as no great shock, and I guess that means the Internet Industry Association can expect an apology for Minister Conroy’s slur this afternoon suggesting that the list could be made more secure by beefing up the IIA Family Friendly ISP scheme”
A user on Australian Broadband forum Whirlpool did an analysis on one of the governments defunct Net Alert funded filtering products, Integard. The user found a file using reverse engineering techniques to obtain a file named “Websites_ACMA.txt” within the programs architecture.
He found that there were similar URLs on the blacklist when comparing it to the Wikileaks list:
“It’s not the wikileaks list (it’s a month earlier I think) but it sure is similar…and that’s as far as I’m willing to look.”
The user’s post has since been deleted by moderators of Whirlpool as being inappropriate.
ABC did a story on Lateline about the leak, you can watch below:
Senator Stephen Conroy Media Release
