Internet connections of Australian Senators are censored more heavily than those of most of their fellow citizens — even more than those of MPs in the House of Representatives — thanks to a heavy-handed security policy and the work of former Senator Steve Fielding.
Senators are blocked from accessing the entire .info generic top-level domain (gTLD), and a separate block list removes around 35 million websites from their view.
"Generally, access to .info sites from the parliamentary computing network (PCN) is blocked. This is done for security reasons," wrote David Kenny, acting secretary of the Department of Parliamentary Services, in response to an enquiry from political blogger Syd Walker.
Walker's own website at sydwalker.info had been reported by MPs as being inaccessible from Parliament House.
"Access to a specific .info site is enabled upon request, on a case by case basis," Kenny wrote in the email confirming that Walker's website was no longer being blocked.
When asked for further details of the policy, Kenny wrote: "IT sites are blocked for security reasons — including related to threats other than spam... I do not propose to go into further details about operational IT security matters."
Walker blogged: "I may be thick-skinned, but I can tell when a bureaucrat is (politely) telling me to piss off and mind my own business."
Blocking all .info domains may not be such a bad idea.
A 2010 report by security vendor McAfee found that the .info gTLD contained almost as many risky websites as safe ones. McAfee classified 30.7 per cent of all .info domains as "risky".
Since then, Kaspersky Lab researcher Kurt Baumgartner has noted that malicious website operators have been [[xref: http://www.securelist.com/en/blog/208193204/Is_info_the_new_cc |migrating to .info domains|]] from the .co.cc and .cz.cc sub-domains — which he described as "absolutely littered with malware-distributing websites" — when those .cc domains started being cleaned out in late 2011.
Pavel Vrublevsky, co-founder of online payment service ChronoPay and an alleged operator of fake anti-virus scams, was arrested in August. Kaspersky researchers took control of the Hlux botnet, which was partly controlled from the .cc domain. And Microsoft took the owner/operator of .cc domains to court.
"All of these things sent the rats running from the sinking ship. But these rats need a place to go and the place they are headed looks to be .info," Baumgartner wrote.
In Senate Estimates yesterday, Kenny revealed that since the .info block was put in place on 27 October, a total of 68 domains had been unblocked on request.
CSO Online understands that this total block of .info domains is a temporary measure, and is expected to be lifted in a matter of weeks following an independent security review.
The block of some 35 million domains is a separate matter.
Back in 2008, Family First's socially conservative Senator Steve Fielding was shocked to discover that, unlike their staffers, Senators could freely access websites containing "inappropriate" material including "pornography, illegal drug references, gambling, games, racist or hate sites, violence, illegal weapons manufacture or procurement".
As a result, the filtering imposed upon Department of the Senate employees was extended to all senators and their staff.
"Should a senator require access to a website that may be restricted by the filtering system, they can arrange temporary or permanent access through the Usher of the Black Rod," the Senate's Deputy President said at the time.
Fielding ceased to be a Senator on 30 June 2011.