The Breaking of Cyber Patrol 4 - Slashdot (original) (raw)

In the wake of recent announcements by Peacefire that they'd decrypted the secret block lists employed by two brands of censoring software, the "encryption" used by another major brand of software, Cyber Patrol, (produced by a company repugnant enough to advertise the increase in sales after Australia passed national censorship legislation), has also been broken. Matthew Skala and Eddy L O Jansson report in an in-depth essay about the practical difficulties encountered when undertaking this task. Their announcement follows.

Their announcement:

"March 11, 2000 - ANNOUNCEMENT

Cyber Patrol(R) 4, a "censorware" product intended to prevent users from accessing undesirable Internet content, has been reverse engineered by youth rights activists Eddy L O Jansson and Matthew Skala. A detailed report of their findings, titled "The Breaking of Cyber Patrol(R) 4", with commentary on the reverse engineering process and cryptographic attacks against the product's authentication system, has been posted on the World Wide Web at this address:

http://hem.passagen.se/eddy1/reveng/cp4/cp4break.html

The abstract of the report:

Several attacks are presented on the "sophisticated anti-hacker security" features of Cyber Patrol(R) 4, a "censorware" product intended to prevent users from accessing Internet content considered harmful. Motivations, tools, and methods are discussed for reverse engineering in general and reverse engineering of censorware in particular. The encryption of the configuration and data files is reversed, as are the password hash functions. File formats are documented, with commentary. Excerpts from the list of blocked sites are presented and commented upon. A package of source code and binaries implementing the attacks is included.

Eddy L O Jansson
srm_dfr@hotmail.com
http://hem.passagen.se/eddy1/index.html

Matthew Skala
mskala@ansuz.sooke.bc.ca
http://www.islandnet.com/~mskala/"