August 10, 2009

Old tricks that still work... [Just to note]

Long long time ago , some tricks has been identified (some people call this a vulnerability, due to nature of the buggy device) on a content filtering system widely deployed in country which let us easily bypass filtering system . Well , the case has been documented & archived without proper vendor response and some years passed .

Few days ago I found a tiny application let the user bypass content filtering systems nicely in a very tiny application (about 5kb of size ) . Checking internals of the tool I found that it`s using one of the same old tricks I mentioned, behind it`s simple GUI . Not a big deal at all , but it`s interesting for me how things has NOT changed since the last time that vendor has been checked for this bug , as a massively deployed content filtering appliance. Should we call it 'shame' or a 'fail' , or even worse 'lack of technical knowledge to fix' for the named vendor ? :)

I guess below image is self-explaining .


4 comments:

  1. Which filtering system, which tiny application?

    ReplyDelete
  2. Withholding names is to prevent this blog from being accessible only by that tiny program ;)
    Google for antiSec + Green movement . you may find something alike...

    ReplyDelete
  3. Hi,
    thx for announce this , but i think this tool only bypass government filtering system and work in that ISP which useing gov fitering system without extra solution for content filtering, and can`t effect on ISP filtering system with software and hardware soloution.
    i test in my ISP and not work.

    ReplyDelete
  4. I've never mentioned it as a GENERIC trick so, yes it shouldn't`t work on any isp. As I wrote,it affect an specific filtering appliance which is gov's picked one for filtering . Of course many ISP/ICPs deployed another solution before this, on their network .

    ReplyDelete