Providers and blacklist sites
Not so long ago, the Internet community actively discussed the laws on blocking sites with child porn, there was talk about blacklists, someone was for, someone was against, someone was, in general, all the same.
And yesterday, there was a meeting of large Internet companies, which were attended by RU-Center, MTS, Hosting Community, RAEC (Russian Association of Electronic Communications), which includes more than 80 Internet companies, the Foundation for Assistance to Internet Technology and Infrastructure Development. The technical details of website blocking were discussed at this meeting.
Ru-Center Deputy Director Pavel Khramtsov said that one of the main recommendations of the industry participants is to block content by addresses (URL), not by IP (it allows you to close and bona fide with bad sites). It is also about the meaninglessness and inefficiency of IP blocking, said RAEC analyst Irina Levova.
Previously it was assumed that the clarification will be made to this law at the level of by-laws. But, for example, the problem of IP addresses is not solved at this level — the law itself must be ruled, Levova said.
')
Another suggestion is to let the provider choose the way to restrict access to information. The text of the law adopted in July assumes that the domain, network and IP addresses of pages with illegal content will be entered in the register of bad websites. At the meeting, it was proposed to make the description of the blocking procedure more general and oblige providers to block information, and not the site, says the main expert of the information security department of MTS Dmitry Kostrov. Then the operator will be able to decide how to block access to him.
But no traffic filtering system is 100% effective. According to Khramtsov from Ru-Center, the filtering efficiency by URL is about 60%, and if you use the system of deep packet analysis (DPI) - 80%. But DPI systems are expensive and their implementation on fixed networks does not pay off, Kostrov believes (he previously estimated DPI implementation at $ 51 million): on mobile networks, DPI is used to control traffic in general, and in fixed networks its functionality will not be fully demanded. . MTS is exploring several options for filtering traffic — based on DNS (when user’s DNS requests are redirected to the operator’s filtering node) and using high-speed traffic analysis systems, Kostrov says.
And yesterday, there was a meeting of large Internet companies, which were attended by RU-Center, MTS, Hosting Community, RAEC (Russian Association of Electronic Communications), which includes more than 80 Internet companies, the Foundation for Assistance to Internet Technology and Infrastructure Development. The technical details of website blocking were discussed at this meeting.
Ru-Center Deputy Director Pavel Khramtsov said that one of the main recommendations of the industry participants is to block content by addresses (URL), not by IP (it allows you to close and bona fide with bad sites). It is also about the meaninglessness and inefficiency of IP blocking, said RAEC analyst Irina Levova.
Previously it was assumed that the clarification will be made to this law at the level of by-laws. But, for example, the problem of IP addresses is not solved at this level — the law itself must be ruled, Levova said.
')
Another suggestion is to let the provider choose the way to restrict access to information. The text of the law adopted in July assumes that the domain, network and IP addresses of pages with illegal content will be entered in the register of bad websites. At the meeting, it was proposed to make the description of the blocking procedure more general and oblige providers to block information, and not the site, says the main expert of the information security department of MTS Dmitry Kostrov. Then the operator will be able to decide how to block access to him.
But no traffic filtering system is 100% effective. According to Khramtsov from Ru-Center, the filtering efficiency by URL is about 60%, and if you use the system of deep packet analysis (DPI) - 80%. But DPI systems are expensive and their implementation on fixed networks does not pay off, Kostrov believes (he previously estimated DPI implementation at $ 51 million): on mobile networks, DPI is used to control traffic in general, and in fixed networks its functionality will not be fully demanded. . MTS is exploring several options for filtering traffic — based on DNS (when user’s DNS requests are redirected to the operator’s filtering node) and using high-speed traffic analysis systems, Kostrov says.
Source: https://habr.com/ru/post/149733/
All Articles