cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
CraginS
Defender I

Ridiculous Community Censorship

I just posted a reply in the thread Is SMS 2FA Sufficient Login Protection ?

 

However, before the Community site allowed the post, i had to remove one identified “bad word” from the content: p0?# (only actually spelled out). I substituted “adult entertainment magazines and videos” for that word and the post was allowed.

 

You have got to be kidding me! 

Who in the world populated the “bad words” filter list for the site, and what do they think they are protecting us from ?

 

Focusing on the specific case, neither p0?# nor p0?#ography are inappropriate words, even though content that meets the definition of such may be improper here. In fact, in the infosec business we have specific need to discuss how to establish enterprise policies against p0?# in the workplace, how to enforce such policies, as well as how to inspect and filter for p0?3ography at network boundaries and inside enterprise data storage.


Come on, folks, how about the site administrators acting like professionals here and also treating the community members as professionals!

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
20 Replies
Baechle
Advocate I

Right... and it’s not. It’s a rhetoric that has been repeated so many times that folks are starting to believe it happened. Which it didn’t.

So what is the point of your previous post?
rslade
Influencer II

> CraginS (Contributor I) posted a new topic in Customer Support on 08-05-2018

> However, before the Community site allowed the post, i had to remove one
> identified "bad word" from the content: p0?# (only actually spelled out).

>   You have got to be kidding me!  Who in the world populated
> the "bad words" filter list for the site, and what do they think they are
> protecting us from?   Focusing on the specific case, neither p0?# nor
> p0?#ography are inappropriate words, even though content that meets the
> definition of such may be improper here. In fact, in the infosec business we
> have specific need to discuss how to establish enterprise policies against p0?#
> in the workplace, how to enforce such policies, as well as how to inspect and
> filter for p0?3ographic at network boundaries and inside enterprise data
> storage. Come on, folks, how about the site administrators acting like
> professionals here and also treating the community members as professionals!

Amen, Cragin. This sort of restriction may have some place in a public school
Website (although I agree with you that neither word is, in itself, offensive), but
here it is completely out of place.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
It is practically impossible to teach good programming style to
students that have had prior exposure to BASIC: as potential
programmers they are mentally mutilated beyond hope of
regeneration. - Edsger Dijkstra
`Selected Writings on Computing: A Personal Perspective'
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
denbesten
Community Champion

Like @Baechle, I did not take your use of "if..." to indicate a straw man argument.  Monday-morning quarterbacking, a change as simple as "For example, if this forum were..." would have prevented this miscommunication.  Other than a couple of solicitations to visit pirated movie sites (which were removed), all other censorship allegations have been disproven as Baechle has earlier suggested.

Pulling this back to a "security" discussion... my company blocks certain web sites that are NSFW (not safe for work).  Do you feel this inappropriate and if so, what recommendations do you have to offer to help prevent Hostile Work Environment accusations?  Taken a step further, we also block sites that are "Known malware infected".  Is it appropriate for us to take central defensive actions so that the users can focus on being accountants, sales-critters and executives?

 

rslade
Influencer II

> Baechle (Contributor III) posted a new reply in Customer Support on 08-06-2018

>   This Community is still your Community
> even if you chose to deride it or abandon it.  It represents (ISC)^2, its
> certifications, and certification holders whether you choose to participate or
> not.

That is *really* interesting statement ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
[I]t is the future that interests us. Now is the past.
`Man of the Year' http://www.imdb.com/title/tt0483726/quotes
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
rslade
Influencer II

> Flyslinger2 (Contributor I) posted a new reply in Customer Support on 08-06-2018

> If ...

[Irresistably reminded of ...]

- Do you like Kipling?
- I don't know. I've never Kipled ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
For every person who wants to teach there are approximately
thirty people who don't want to learn--much.
- W. C. Sellar and R. J. Yeatman, `And Now All This' (1932)
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
TimG
Newcomer III

I'd be the first to agree that some form of "censorship" is important, partly to protect us from stumbling into bad stuff but equally so that we can be seen to be taking due care. My allusion above to blocking certain English counties was less of a complaint and more of an observation of the sort of well-meant thing that can trip us up. We still meet things like that and when we do the right thing is to give a wry grin, sort it out (if necessary) and move on.

In our line of work we are more likely than most to bump into the sort of preventive measures that we put in place for the protection of others. Happens to me all the time at work - it comes with the turf.

I quite like this community, as it happens...

 

rslade
Influencer II

> TimG (Newcomer II) posted a new reply in Customer Support on 08-07-2018 08:29 AM

> I'd be the first to agree that some form of "censorship" is important, partly to
> protect us from stumbling into bad stuff

Ummm, I know you're generally on the "open" side, but even making this point
seems to be out of left field. Or indicates you're in the wrong field. We are the
professionally paranoid. We *look* for bad stuff. (At least, if we are any good at
our jobs.) You're going to come across "the p word" in relation to phishing,
malware, drive-by downloads, all kinds of stuff that we need to look into.

> but equally so that we can be seen to
> be taking due care.

You *might* have a point, there. *Might.*

> In our line
> of work we are more likely than most to bump into the sort of preventive
> measures that we put in place for the protection of others.

True. When I was doing a lot of reviews of antiviral software, I'd frequently get
frustrated by some well-meaning protective system that thought it was smarter
than I was. I always had to take a step back and consider whether, in the general
population, it was, in fact, the correct thing to do.

In this particular case, after careful consideration, I'd say:
Cragin is right. "Ridiculous" is the correct word.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
I want everybody to be smart. As smart as they *can* be. A world
of ignorant people is too dangerous to live in. - Garson Kanio
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Baechle
Advocate I


@rslade wrote:
> Baechle (Contributor III) posted a new reply in Customer Support on 08-06-2018

>   This Community is still your Community
> even if you chose to deride it or abandon it.  It represents (ISC)^2, its
> certifications, and certification holders whether you choose to participate or
> not.

That is *really* interesting statement ...

It has a certain perspective, does it not?

Baechle
Advocate I


@rslade wrote:
You're going to come across "the p word" in relation to phishing,
malware, drive-by downloads, all kinds of stuff that we need to look into.

... Time card fraud investigations ... Forensics ... 

 


@rslade wrote:
Ummm, I know you're generally on the "open" side, but even making this point
seems to be out of left field. Or indicates you're in the wrong field. We are the
professionally paranoid. We *look* for bad stuff. (At least, if we are any good at
our jobs.) 

I know you were making a point here about an overall security mind set with Tim.  I think the word Paranoia can adequately describe folks in a state of mind that maybe need to take a break from the CompuSec/InfoSec world for a while.  Proverbially, when we start seeing the face of hackers in our soup and pr0n on our toast, we have lost the ability to rationally explain risk.

 

It's absolutely healthy to evaluate someone's opinion on the impacts of censorship from a place of skepticism and test its legitimacy.  All of our professional experiences, occupational activities, risk appetites, and security needs are different.  Even if I didn't start out or end up agreeing with Tim in this application, I don't think it's very professional to accuse anyone that offers a position for discussion that doesn't agree with us as being bad at their job. 

 

Maybe if you took all of your experience wrapped up with biases and paranoias to someone else's job, you'd be bad at it?  I know it would be extraordinarily bad for my job. 

 

Sincerely,

 

Eric B.

 

 

 

 

j_M007
Community Champion

Hi Flyslinger2:

I'm surprised by your antipathy. The best way to improve the site is to keep posting. In fact, you've contributed quite a number of useful comments, so I hope you'll continue.

Best!