Wikileaks: Controversial, But is it NSFW?

As government agencies and the military bar access to the WIkileaks documents, a poll of Web filtering providers finds most label the leak site more “newsy” than “naughty.” 

HED: Wikileaks: Controversial, But is it NSFW?
DEK: As companies look to bar access to the WIkileaks documents (or not) Web filtering providers must decide how to categorize the leaked documents. 
The controversy surrounding leaked diplomatic cables prompting organizations to weigh whether or not to block access to the leaked documents. But a poll of prominent Web filtering firms by Threatpost suggests that most consider WIkileaks sites to be sources of “news and politics,” not suspicious and malicious Web sites that demand blocking or extra security. 
Employee access to the leaked documents became a headline issue this week after it was reported that the U.S. Air Force is blocking its computers ability to access not just the Wikileaks Web site and mirror sites, but also the Web sites of news organizations, including that of the New York Times and 25 other news websites, that published the classified documents. (http://www.nytimes.com/2010/12/15/us/15wiki.html). In an unrelated story, the operators of a prominent WikiLeaks mirror Web site found its domain classified as “suspicious” by anti spam group Spamhaus. (http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/) As corporations and governments weigh their “position” on Wikileaks, Web content filtering firms find themselves on the front lines: providing the tools to block access to those sites and, in some cases, helping define exactly what WikiLeaks “is” and “is not.” Our poll shows that, while there’s no consensus on how to characterize Wikileaks and its mirror sites, most content monitoring firms are treating the leaks site as a source of news and information, but leaving it up to customers to decide for themselves. 
Writing for Blue Coat Systems, malware researcher Chris Larsen said that his company is “neutral” when it comes to classifying the Wikileaks content, saying that its customers make decisions about what content to allow or block their users from seeing. Wikileaks documents are no different from other classes of content – including porn: some customers will want to block it and others won’t. Blue Coat Webfilter categorizes Wikileaks and its mirror sites in two categories: Political/Activist Groups and News/Media. The former are described as “sites sponsored by or that provide information on political parties, special interest groups, or any organization that promotes change or reform in public policy, public opinion, social practice, or economic activities.” The latter, News/Media sites, are defined as “sites that primarily report information or comments on current events or contemporary issues of the day. This category also includes news radio stations and news magazines but does not include sites that can be rated in other categories,” according to Blue Coat. 
Blue Coat customers can create policies that target specific sites within those categories to avoid overblocking content, according to Jennifer Arculeo, a spokesperson at BlueCoat. 
Wikileaks and its mirrors are “News and Media” sites for security firm Fortinet, too, said Ken Lin, a member of Fortinet’s FortiGuard security team. 
Over at McAfee, Wikileaks and its mirrors are classified as “Politics/Opinions” sites – one of over 90 different categories that McAfee lets customers choose from. Customers can also add their own sites to the filter in accordance with their policies, the company said in an e-mail statement. 
A Cisco Systems spokesman said that organization didn’t categorize Wikileaks and its mirrors one way or the other, though that would change if they started pushing malicious code or other threats. The same was true of Kaspersky Lab, though the sites do run afoul of Kaspersky’s parental controls for frequent mentions of war and violence, said Andrey Nikishin, General Manager of Kaspersky’s Cloud & Content Technologies.
Calls to censor Wikileaks within the U.S. have escalated since the release of “Cablegate,” a collection of more than 200,000 pages of sensitive diplomatic cables. This week, U.S. Senator Joe Lieberman called publicly for investigations of news organizations that published the cables (http://thinkprogress.org/2010/12/07/lieberman-understand-doj-treason/), including The New York TImes, while other politicians suggested Wikileaks founder Julian Assange should be tried under an 80 year old “Espionage Act” in the U.S. A newly elected U.S. Representative from Florida, Allen West (R-Fort Lauderdale) was quoted saying that media organizations that published leaked documents should be censored (http://floridaindependent.com/17394/allen-west-calls-for-censoring-news-outlets-working-with-wikileaks), though West later said he meant to say “censured,” not “censored.” 

As government agencies and the military bar access to the WIkileaks documents, a poll of Web filtering providers finds most label the leak site more “newsy” than “naughty.” 

HED: Wikileaks: Controversial, But is it NSFW?
DEK: As companies look to bar access to the WIkileaks documents (or not) Web filtering providers must decide how to categorize the leaked documents. 
The controversy surrounding leaked diplomatic cables prompting organizations to weigh whether or not to block access to the leaked documents. But a poll of prominent Web filtering firms by Threatpost suggests that most consider WIkileaks sites to be sources of “news and politics,” not suspicious and malicious Web sites that demand blocking or extra security. 
Employee access to the leaked documents became a headline issue this week after it was reported that the U.S. Air Force is blocking its computers ability to access not just the Wikileaks Web site and mirror sites, but also the Web sites of news organizations, including that of the New York Times and 25 other news websites, that published the classified documents. (http://www.nytimes.com/2010/12/15/us/15wiki.html). In an unrelated story, the operators of a prominent WikiLeaks mirror Web site found its domain classified as “suspicious” by anti spam group Spamhaus. (http://www.theregister.co.uk/2010/12/16/wikileaks_mirror_malware_warning_row/) As corporations and governments weigh their “position” on Wikileaks, Web content filtering firms find themselves on the front lines: providing the tools to block access to those sites and, in some cases, helping define exactly what WikiLeaks “is” and “is not.” Our poll shows that, while there’s no consensus on how to characterize Wikileaks and its mirror sites, most content monitoring firms are treating the leaks site as a source of news and information, but leaving it up to customers to decide for themselves. 
Writing for Blue Coat Systems, malware researcher Chris Larsen said that his company is “neutral” when it comes to classifying the Wikileaks content, saying that its customers make decisions about what content to allow or block their users from seeing. Wikileaks documents are no different from other classes of content – including porn: some customers will want to block it and others won’t. Blue Coat Webfilter categorizes Wikileaks and its mirror sites in two categories: Political/Activist Groups and News/Media. The former are described as “sites sponsored by or that provide information on political parties, special interest groups, or any organization that promotes change or reform in public policy, public opinion, social practice, or economic activities.” The latter, News/Media sites, are defined as “sites that primarily report information or comments on current events or contemporary issues of the day. This category also includes news radio stations and news magazines but does not include sites that can be rated in other categories,” according to Blue Coat. 
Blue Coat customers can create policies that target specific sites within those categories to avoid overblocking content, according to Jennifer Arculeo, a spokesperson at BlueCoat. 
Wikileaks and its mirrors are “News and Media” sites for security firm Fortinet, too, said Ken Lin, a member of Fortinet’s FortiGuard security team. 
Over at McAfee, Wikileaks and its mirrors are classified as “Politics/Opinions” sites – one of over 90 different categories that McAfee lets customers choose from. Customers can also add their own sites to the filter in accordance with their policies, the company said in an e-mail statement. 
A Cisco Systems spokesman said that organization didn’t categorize Wikileaks and its mirrors one way or the other, though that would change if they started pushing malicious code or other threats. The same was true of Kaspersky Lab, though the sites do run afoul of Kaspersky’s parental controls for frequent mentions of war and violence, said Andrey Nikishin, General Manager of Kaspersky’s Cloud & Content Technologies.
Calls to censor Wikileaks within the U.S. have escalated since the release of “Cablegate,” a collection of more than 200,000 pages of sensitive diplomatic cables. This week, U.S. Senator Joe Lieberman called publicly for investigations of news organizations that published the cables (http://thinkprogress.org/2010/12/07/lieberman-understand-doj-treason/), including The New York TImes, while other politicians suggested Wikileaks founder Julian Assange should be tried under an 80 year old “Espionage Act” in the U.S. A newly elected U.S. Representative from Florida, Allen West (R-Fort Lauderdale) was quoted saying that media organizations that published leaked documents should be censored (http://floridaindependent.com/17394/allen-west-calls-for-censoring-news-outlets-working-with-wikileaks), though West later said he meant to say “censured,” not “censored.” 

The controversy surrounding leaked diplomatic cables is prompting organizations of all stripes to weigh whether or not to block access of their employees to the leaked documents. But a poll of prominent Web filtering firms by Threatpost suggests that most consider Wikileaks sites to be sources of “news and politics” that don’t warrant extra security.

Employee access to the leaked documents became a headline issue this week after it was reported that the U.S. Air Force is blocking its computers ability to access not just the Wikileaks Web site and mirror sites, but also the Web sites of news organizations, including that of the New York Times and 25 other news websites, that published the classified documents. In an unrelated story, the operators of one prominent WikiLeaks mirror Web site found its domain classified as “suspicious” by anti spam group Spamhaus.  

But as corporations and governments weigh their “position” on Wikileaks, Web content filtering firms find themselves on the front lines: providing the tools to block access to those sites and, in some cases, helping define exactly what WikiLeaks “is” and “is not.”

An informal Threatpost poll shows that, while there’s no consensus on how to characterize Wikileaks and its mirror sites, most Web content monitoring firms are treating the leaks site as a source of news and information, but leaving it up to customers to decide for themselves. 
Writing for Blue Coat Systems, malware researcher Chris Larsen said this week that his company is “neutral” when it comes to classifying the Wikileaks content, saying that its customers make decisions about what content to allow or block their users from seeing.

Blue Coat Webfilter categorizes Wikileaks and its mirror sites in two categories: Political/Activist Groups and News/Media. The former are described as “sites sponsored by or that provide information on political parties, special interest groups, or any organization that promotes change or reform in public policy, public opinion, social practice, or economic activities.” The latter, News/Media sites, are defined as “sites that primarily report information or comments on current events or contemporary issues of the day,” according to Blue Coat. 
Blue Coat customers can create policies that target specific sites within those categories to avoid overblocking content, according to Jennifer Arculeo, a spokesperson at BlueCoat. 

Wikileaks and its mirrors are “News and Media” sites for security firm Fortinet, too, said Ken Lin, a member of Fortinet’s FortiGuard security team. 

Over at McAfee, Wikileaks and its mirrors are classified as “Politics/Opinions” sites – one of over 90 different categories that McAfee lets customers choose from. Customers can also add their own sites to the filter in accordance with their policies, the company said in an e-mail statement. 
A Cisco Systems spokesman said that organization didn’t categorize Wikileaks and its mirrors one way or the other, though that would change if they started pushing malicious code or other threats. The same was true of Kaspersky Lab, though the sites do run afoul of Kaspersky’s parental controls for frequent mentions of war and violence, said Andrey Nikishin, General Manager of Kaspersky’s Cloud & Content Technologies.

Calls to censor Wikileaks within the U.S. have escalated since the release of “Cablegate,” a collection of more than 200,000 pages of sensitive diplomatic cables. This week, U.S. Senator Joe Lieberman called publicly for investigations of news organizations that published the cables, including The New York TImes, while other politicians suggested Wikileaks founder Julian Assange should be tried under an 80 year old “Espionage Act” in the U.S. A newly elected U.S. Representative from Florida, Allen West (R-Fort Lauderdale) was quoted saying that media organizations that published leaked documents should be censored, though West later said he meant to say “censured,” not “censored.”  

Suggested articles

Discussion

  • Anonymous on

    Unless the Air Force restricts access to Google and other major search engines, blocking access to Wikileaks and a handful of news/media sites is completely and utterly ineffective.  This just goes to show how the US DoD continues to respond to every situation with a knee-jerk reaction, which is how the diplomatic cables and other classified documents ended up leaking onto the Internet in the first place - in other words, NO FORETHOUGHT.

  • anon on

    Such wicked acronyms.

  • Mike Shafer on

    One has to stand in complete awe at how completely out of touch with the workings of IT and the Internet are at least some (and it appears to be substantial) portion of the US Government and related military operations are.

    As per the previous comment that points out the foolishness of trying to block certain websites while leaving general access to the Internet which appears,  at first blush, to be rather comical in closer inspection it reveals a frightening fundamental lack of understanding of the distributed and connected nature of the modern networks and ultimately the Internet. In sum it would seem indicative of the traditional idea that the "enemy" can be located and isolated; an idea hopelessly antiquated both in the modern theatre of battle and the IT infrastructure of the world.

    Given these are the same people who are responsible for decisions ranging from the somewhat mundane to the extremely serious that awe tends, at least in my case, towards a healthy distrust and cause for deep concern.

     

  • Greek from Melbourne on

    Its not a technology issue - we and they (DoD) knowthe technology they have proposed does not work. 

    However they dont care about that, the point they are trying to make is a PR stunt to basically say they disapprove of people distributing the cables.

    The cables may have been relesed by the US Government itself or the CIA to expose the dirty laundry of all countries (except for the US of A of course) to take the global focus of USA which is currently in a spiral death, and is taking Israel down beside it.

     

  • Anonymous on

    Visitng Wikileaks has the potential of introducing classified information on an unclassified network or computer.  Rumors that the information is no longer classified because it now resides in the public domain are NOT true.  Executive Order 13526, Section 1.1(4)(c) states "Classified Information shall not be declassified automatically as a result of any unauthorized disclosure of identical or similar information."

    Blocking the website is a measure implemented by organizations to prevent classified information from entering their unclassified networks.  Some situations call for immediate containment.  This is not a knee jerk reaction.

  • Anonymous on

    I am in awe seeing how much some geeks are removed from reality! The USA does have the capability to shut down the net as a whole. They also have the capability to oust communist china (chicom) or Russia (CIS) or Brazil from the net (the top3 cybercrime and malware countries of the world).

    The key is spec-ops submarines, which have ROVs and combat divers to sabotage undersea cables and then good bye global net! Satellite capability tops out at less than 1% of what trans-oceanic fiber nets can carry, so it will be gopher time again, provided you still remember what gopher was to begin with...

    USA is undisputed ruler of the seven seas with its 11 nuclear powered aircraft carrier battlegroups and 50+ nuclear powered submarines. If they decide to severe some oceanic fibers to net-castrate the enemies of freedom (freedom as in capitalist democracy), the world will watch in shock and awe, like in Iraq. America is decades ahead of Russia and China with technology and her bald eagle has the majesty to let that poor Assange kid make a fool of himself.

  • Anonymous on

    Factually incorrect: "Calls to censor Wikileaks within the U.S. have escalated since the release of "Cablegate," a collection of more than 200,000 pages of sensitive diplomatic cables"

    WikiLeaks has actually only released a little over 1,000 sensitive cables, all of which were vetted and redacted to protect the innocent.

  • Anonymous on

    Mr. Genachowski over at the FCC is busily firming up his laws (there will be many) of intended consequences to stop this atrocious disemenation of what our government is doing to protect themselves from the public finding out what they are doing to "help" us!

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.