Dhiraagu begins internet porn censorship?

It seems that Dhiraagu, the "largest" ISP in the Maldives, has begun to enforce censorship on pornographic websites. Random checks so far indicate that this is in effect for all forms of internet access via Dhiraagu. This block, which began a few days ago, is quite monumental given that so far no ISP in the Maldives has been known to enforce any form of content filtering or censorship other than site-specific access bans on a handful of political websites critical of the current government and its leaders.

Maldives, which officially lauds itself as a 100% Muslim country, has maintained strict bans on import of any sort of pornographic material into the country and enforces it through screening at the Male' International Airport, checks aboard marine vessels and via inspections at the Post Office. The ban does extend to the digital world and there has been atleast one person who has been prosecuted for the access and possession of digital porn. However, the enforcement component of this law does not seem to have been mandated to the ISPs operating in the country as such material has typically been freely accessible. Also, interestingly, partial proxy logs has previously suggested that as high as 70% of internet data flowing in the country may constitute of such material at times.

To me, this is a sudden interesting twist in the story of the Internet in the Maldives and one that needs to be monitored and debated. Internet has been the last remaining oasis of freedom of speech and expression in the Maldives with users expressing themselves unbound, taking part in unhindered debates and engaging in other activities that would typically land serious jail time if done in the “real” world. Internet has also been the only avenue for people to get access to a wide variety of intellectual material - stuff that typically are beyond easy access because of the poor state of our libraries and bookshops and stuff that are beyond access due to strict import laws. If this porn censorship signals the beginning of a wider campaign to block particular content then the freedom that most internet lovers has enjoyed so far may about to be hurled into oblivion.

However, these might be purely paranoid postulations on my part (and I so hope they are!), especially given that Dhiraagu has made no statement about such actions added to the fact that the service from other ISP, Focus Infocom, seems to not have followed suit. A friend at Dhiraagu has suggested that this ban be not official but rather have to do with a mere (temporary) technical re-routing of data through proxies typically intended for use on special connections provided to educational institutions which do carry content filtering for "inappropriate" material.

I might not be arsed enough to object to porn filtering but any more filtering and censorship than that and I object to it entirely – an objection that includes the current access bans on select political sites. Censorship on intellectual material bothers me enough to voice concern even if there is just the mere possibility of it...

PS: Here is a non-exhaustive, extremely tiny list of some of the explicit sites being blocked by Dhiraagu. It was created by an automatic crawler that I wrote to check sites for proxy-based censorship. The list is not meant for anything other than your amusement :-)

I, Dhiraagu proxy server

Now I know quite a few people would wet themselves on hearing of the dirty things one can do to Dhiraagu. I also know quite a few people would risk actually trying what I am about to narrate, so here I begin with a disclaimer.

-----
Disclaimer: The information presented in this article is mostly for entertainment purposes and whatever educational value it may posses must be the result of some exotic butterfly flapping its wings under the canopy of the Amazon. At no time do I recommend you or any circus animals attempting these and consequently, I take no responsibility for your actions.
-----

If you are a dialup user on Dhiraagu Dhivehinet then every time you dial-in you get an IP address assigned automatically. An IP address is sort of a unique identifier for your computer on the internet. I was setting up an internet dialup connection to Dhiraagu on a friend's computer a few years ago when I wondered what would happen if I were to specify my own IP address in the settings rather than let Dhiraagu automatically assign me. If things were set correctly at Dhiraagu, what I was about to do should not be possible. However, I decided to try it out anyway, hoping that they might have mucked it up.

I decided I would attempt using the IP for the Dhiraagu proxy server, i.e. assign myself the same identity as the web proxy operated by Dhiraagu. As you might already know, all WWW traffic flows through a proxy server if you are a Dhivehinet customer, therefore the proxy server knows what you browse, when you browse and can totally keep tabs on you. Similarly, by assuming myself its identity I should be able to see what the real proxy sees. I should be able to grant myself the same power! Sure enough, as soon as I dialed in with the forced IP, the connection status icon at the bottom of the screen lit up. The received packet count in the connection status window kept on increasing endlessly. I was getting bombarded by the web traffic coming into the proxy! I had successfully assumed its identity. I then disconnected and I sat there with a wicked smile painted on my face, imagining the possibilities this opened up.

Few minutes later, my fingers were flying over the keyboard furiously as I wrote a quick ?n dirty proxy server software. Its purpose was to act as a proxy, logging all the data it receives. I could have done a kazillion fun things to add to that but I resisted the temptation. An hour or so later, I had the proxy program working as I wanted and so went back to dialing in. As soon as my connection got established, the program started displaying the various requests coming in from users on the Dhiraagu network. Less than a minute into the dialup and my program crashed due to overflow. There was too much data! I reprogrammed bits to fix the issue and went back on, logging data for about 5 minutes before disconnecting.

I opened up the log file created by my program and analyzed the various connection attempts. By the end of going over the log, I had another reason to be quite amused. The log indicated that about 75% of all requests I had intercepted was for pornographic websites. This was proof that much of the Maldivian internet users used the internet for porn!!

Anyway, this "flaw" gives rise to a whole set of opportunities. I could impersonate any server on Dhiraagu. I could become one of their FTP servers and start logging username/passwords. I could become one of the web servers and start serving rogue web pages. I could become the email server and log username/password as people attempt to check mail. The possibilities were almost endless...

I have mailed Dhiraagu several times over the years regarding this issue but never received a reply. Sadly, this was still working about 6 months ago according to a friend who tried it. However, it may have been fixed in the recent endeavor by Dhiraagu to improve the security in their networks.


UPDATE (11-09-2005):
I just received a log from "Fatty" of Digitial Squid that re-confirms what I revealed in the article. Thanks Fatty!

Below is a screenshot of the captured traffic in Ethereal where I have placed a "http" filter to list only the web traffic. On the right side, it shows the various websites people are browsing and on the left of that is the associated IP address requesting that particular page. It is interesting to note that 53 percent of the requests are for porn :-)

For the technical lot who are keen to see the actual Ethereal capture, HERE is the log that Fatty provided me with.


Captured data on Ethereal when posing as Dhiraagu proxy