Blocking all .info domains is "censorship": The Greens

Senators are blocked from accessing the entire .info generic top level domain

Internet connections of Australian Senators are censored more heavily than most of their fellow citizens — even more than MPs in the House of Representatives — thanks to a heavy-handed security policy and the work of former Senator Steve Fielding.

Senators are blocked from accessing the entire .info generic top level domain (gTLD), and a separate block list removes around 35 million websites from their view.

"Generally, access to .info sites from the parliamentary computing network (PCN) is blocked. This is done for security reasons," wrote David Kenny, acting secretary of the Department of Parliamentary Services, in response to an enquiry from political blogger Syd Walker.

Walker's own website at had been reported by MPs as being inaccessible from Parliament House.

"Access to a specific .info site is enabled upon request, on a case by case basis," Kenny wrote in the email confirming that Walker's website was no longer being blocked.

When asked for further details of the policy, Kenny wrote: "IT sites are blocked for security reasons — including related to threats other than spam... I do not propose to go into further details about operational IT security matters."

Walker blogged: "I may be thick-skinned, but I can tell when a bureaucrat is (politely) telling me to piss off and mind my own business."

Blocking all .info domains may not be such a bad idea.

A 2010 report by security vendor McAfee reported that the .info gTLD contained almost as many risky websites as safe ones. McAfee classified 30.7 per cent of all .info domains as "risky".

Since then, Kaspersky Lab researcher Kurt Baumgartner has noted that malicious website operators have been [[xref: |migrating to .info domains|]] from the and sub-domains — which he described as "absolutely littered with malware-distributing websites" — when those .cc domains started being cleaned out in late 2011.

Pavel Vrublevsky, co-founder of online payment service ChronoPay and an alleged operator of fake anti-virus scams, was arrested in August. Kaspersky researchers took control of the Hlux botnet, which was partly controlled from the .cc domain. And Microsoft took the owner/operator of .cc domains to court.

"All of these things sent the rats running from the sinking ship. But these rats need a place to go and the place they are headed looks to be .info," Baumgartner wrote.

In Senate Estimates yesterday, Kenny revealed that since the .info block was put in place on 27 October, a total of 68 domains had been unblocked on request.

CSO Online understands that this total block of .info domains is a temporary measure, and is expected to be lifted in a matter of weeks following an independent security review.

The block of some 35 million domains is a separate matter.

Back in 2008, Family First's socially conservative Senator Steve Fielding was shocked to discover that, unlike their staffers, Senators could freely access websites containing "inappropriate" material including "pornography, illegal drug references, gambling, games, racist or hate sites, violence, illegal weapons manufacture or procurement".

As a result, the filtering imposed upon Department of the Senate employees was extended to all senators and their staff.

"Should a senator require access to a website that may be restricted by the filtering system, they can arrange temporary or permanent access through the Usher of the Black Rod," the Senate's Deputy President said at the time.

Fielding ceased to be a Senator on 30 June 2011.

Join the CSO newsletter!

Error: Please check your email address.

More about etworkKasperskyKasperskyMcAfee AustraliaMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stilgherrian

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts