Blocking Software Reports
IGDecode: I-Gear list codebreaker
We decrypted the list of sites blocked by I-Gear and discovered that, of the first 50 sites blocked in the .edu domain, 38 out of 50 were obviously blocked in error, for an error rate of 74%. (Click here for an analysis of the first 50 .edu sites on the list.)
We also found that:
How to get I-Gear's list
to download the encrypted list of blocked sites from
I-Gear's server. (The download is 13 megabytes.)
Click here to download igdecode.exe, the I-Gear list codebreaker. The syntax for using the codebreaker is:
igdecode <filename>This prints the decrypted list. Since the decrypted list is still 14 megabytes, it would make more sense to redirect the output to a text file:
igdecode <filename> > output.txt
When you install I-Gear, it prompts you for information such as your real name and the company where you work. However, when this information is uploaded to Symantec, it also uploads the "real name" and "company name" that your copy of Windows is registered to -- i.e. what is listed if you look under the "General" tab of the "System" applet in Control Panel.
A Peacefire volunteer discovered that when I-Gear was installed on his Windows NT Server machine, it first contacted demand.urlabs.com and sent the following request:
GET /ding2/cgi-bin/ding2.cgi?action=getlicense&firstname=xxxxx &lastname=xxxxx&phone=xxxxx&shortkey=xxxxx&tain t=51222111111111125688&fax=xxxxx&email=xxxxx&organization=xxxxx &address1=xxxxx&address2=&city=xxxxx&state=xxxxx &zip=xxxxx&country=xxxxx&vendor=&reqip=&sysinfo=Wes%20Mills%3aWyver n%20Productions%20Group HTTP/1.0
(Here "xxxxx" represents personal data that was used to register this particular copy of I-Gear, which we have deleted. The highlighted information -- "Wes Mills, Wyvern Productions Group" -- was scanned in form Windows by I-Gear, and uploaded to Symantec at the same time. "51222111111111125688" was the computer's Windows NT Server product ID number; this was a legal copy of Windows NT that was used, even though "1111111111" is a generic Windows NT serial number. When this data is sent, URLabs's server sends back an activation key that is used as a "password" to download future copies of the blocked-site list.)
The choice of how much personally identifiable information you disclose to Symantec is completely at your discretion.
I-Gear's Web site does not include descriptions of the program's blocking categories, but they are given in a file manual.pdf which can be downloaded with the software. Since the PDF file is more than 2 megabytes, we have copied the descriptions of two of the "sex" categories below:
Obviously any attempt to ban the display of "photograph galleries, paintings that may be displayed in museums, and other readily identifiable art forms" to minors would be challenged in court under most circumstances.