Re: Agent-mediated access (was Re: Criticism of Kidcode...)

Brian Behlendorf <> writes:

|When we talk about "security" in this regard, we need to be careful.
|Nothing we design will deter a determined individual from seeing what
|they want to see.  A 12-year-old armed with Dad's credit card could set
|up a Netcom account and away he goes.  To me, this is acceptible - a
|determined 12-year-old will sneak a peak at Playboys on a rack in a
|bookstore too.  We can only try and ensure that circumvention doesn't
|become trivial.

I do not know the porn access laws for kids in other industrialized nations,
but I suspect that they are less restrictive than in the US.  In the seventies
when the US restrictions on porn were less severe, we used to sneak a peek at
every convenience store  While we weren't gawking, we were in the computer lab
taking apart BASIC star trek games on Cybers, and learning key skills.  If I
hacking BASIC at age 12 in 1974, it is not out of the question for the 10 year
olds of 1996 to be hacking HTTP, especially if there's something really juicy
the other end.

Until the uri group bakes URC's that can be accessed and scanned for keywords
and other metainfo, content filtering can be better handled on the client side
without munging the protocol and access methods.  Stop-gap measures could be to
create a list of 'bad words' that the client can grep for in each HTML document
(an argument for text/html?) or hostname part of each URL and refuse to present
any offending documents.

I would like to see this problem addressed as part of a larger question of
content quality assurance services.  As part of a strategy to increase the
signal to noise ratio for researchers gathering information on the net, content
could be given quality ratings or SOAPs by recognized authorities,
by sites or object, and hits run past the QA server.  Data that made the cut
could be presented to the user, and those which didn't not, or mailed to a
moderator (parent) for human evaluation.  For each content subject domain there
would evolve a set of recognized evaluation authorities from which the end user
could pick and choose.  These seals of approval could be included in the URC or
ascertained by another TBD net access protocol from the authority.

These could be range from formal peer review for scholarly publications to the
the infamous Meese Commission (for the good stuff) to a churchful of christian
coalition lambs-of-god taking a big fat tax exemption to continually browse the
net to protect children from satan and porn.  (QA servers could, of course,
refuse to cooperate from any client connecting from, say, * which would
complicate the mix) Using a URL encoded rating scheme such as KidCode does not
allow for multiple QA sources.

If those who believed that children should see nothing more threatening than
Barney the Dinosaur, a rating service could be established that reflected this
world (non)view and content could be filtered against its determinations.  But
parents need to be aware in no uncertain terms that they cannot abdicate their
responsibility and expect the net to babysit kids just like TV.  TV has fewer
content providers and (for the moment) tighter regulations on content, while
the net has an essentially infinite number of providers and is therefore more a
democratic and accurate reflection of its user population.


Received on Monday, 26 June 1995 18:12:01 UTC