Ethics of Proxy Servers?

Mav asks: "I was recently asked to host a website for free in return for a lot of advertising. After querying them about how they knew the site would produce traffic they stated the site was going to be running PHPProxy (an open source web proxy). The traffic was a result of him and his contacts (nearly one thousand of them) using the site to bypass his school's firewall in order to view their MySpace pages and get access to their MSN messengers. Given all the attention social networking sites have recently received and the various laws attempting to block or control access to them I feel guilty and unsure making this available. Are there legal implications that I need to worry about? Could I be held liable if one of the students got in trouble? Most importantly, what's the moral thing to do?"

I Don't Know Your Morals

[stinerman]

You need to find out for yourself what the moral thing is. I believe it is moral to help people gain access to information, so I'd do it. Do you?

As far as the legal aspects, I doubt there are any laws in your jurisdiction regarding setting up a proxy to get around a school's filtering software, but then again, you can always be charged for contributing to the delinquency of a minor for anything these days.

Re:I Don't Know Your Morals

[fruitbane]

Who are you to determine what is and what is not information? Maybe most of what's on MySpace is, IMO, crap, but there's bound to be something of value in there. It could be argued that any communication at all is in some way an information-based activity. Who are any of us to say what is and isn't there without personally examining every page and every piece of content first?

Re:I Don't Know Your Morals

[plover]

I believe it is moral to help people gain access to information

As do I. However, helping doesn't imply providing the facilities.

Rather than host a proxy yourself, offer to help them find other proxies. Offer to teach them about torpark. But mostly teach them how to figure the problem out for themselves. As they encounter this problem repeatedly throughout their lives, they'll be in a better position to recognize it and fight it.

If myspace or facebook is important enough to them, they'll have the motivation to learn how to bypass the firewalls themselves. If not, they can continue to whine in ignorance. You don't have to do it for them to be their hero -- you just have to help.

Re:I Don't Know Your Morals

[Guspaz]

It won't strictly double bandwidth usage. There are several methods that proxy servers can employ to reduce bandwidth usage.

The first is the use of a cache. For example, if the primary use of the proxy is to visit myspace, many of the images, stylesheets, scripts, and so on will be cached. That reduces the proxy to internet bandwidth.

Another is compressing text content that passes through the proxy. HTML, javascript, XML, and stylesheets can make up a surprising portion of bandwidth usage these days. By having the proxy compress these types of content as it passes through, user to proxy bandwidth can be reduced.

There are obviously other more destructive methods; GIF images can be run through gif2png and HTML rewritten to use the new images, JPG files can be recompressed at lower quality settings, all sorts of things can be done on-the-fly to reduce bandwidth use.

I'd imagine that because of the repetitive use, the bandwidth demands with some of the above mentioned techniques would be substantially less than double.

Of course, all this discussion is moot; the instant the school realizes that the kids are using this proxy, they'll block it, and that'll be that.

After the teacher in Connecticut - IWGAL

[ScrewTivo]

I would get a lawyer. The world has gone insane!

Why?

[pseudosero]

If you're even bothering to ask this question, then i believe you might not want to do it. School filters are annoying; the favor you would be doing is immense. But as to whether or not it is moral or not: is P2P, bittorrent, are pirates and people who share moral? Yes, question with a question. Why are you asking this question. ?.

School?

[ReidMaynard]

Is this a high school? Jr High? University?
I think if the expected student is a minor (HS or Jr High) I would pass.

I wouldn't do it

[nahdude812]

I wouldn't do it for two reasons. First, if the school moderately has their act together, they'll be watching their outbound traffic, see a big spike to the proxy site, and you'll end up on the block list inside of a week anyway (which might be less time than it takes you to get everything set up).

Second, I believe that when school kids are on school property using school equipment, the school should get to decide what they're allowed to do. My employer sure has this right, and it's also certainly a firing offense for me to bypass it. I salute schools that don't let kids play on the Internet when they're at school and should instead be learning. Sorry, school time is time that students should be using for, I dunno, learning. MySpace and MSN don't qualify, if this is really what they're looking to get to. So I wouldn't do it on principle (though of course realizing the kids will probably manage to find it somewhere else anyway).

Many people complain about schools, but things which I see as reasonable attempts to keep the kids on target are hollared at as censorship or some other poorly-fitting term which is basically the equivalent of saying, "We think kids should be allowed to do whatever they want, but we also think you should make them learn material they don't want to at the same time."

Re:I wouldn't do it

[tverbeek]

what if the students are not in lesson, during break times or at lunch? They are allowed to chat to each other about whatever they want there in person, so why not do it online as well?

Schools don't block frivolous uses of their equipment because they don't want kids to have fun; they do it because they want to make sure these tools are available for the purpose they were intended for: as educational resources. If the computer lab is full of kids surfing MyFace and chatting on AIMSN during lunch and breaks, then that lab isn't available to students who want to do some online research, type a paper, etc.

Re:I wouldn't do it

[RAMMS+EIN]

``I salute schools that don't let kids play on the Internet when they're at school and should instead be learning.''

You're supposing that the things that these schools are trying to block access to are not learning. By contrast, most people I know who are good with computers got there by doing things that authorities (parents, schools, ...) did not want them to do.

I'm not saying limiting what children can do is a Bad Thing, but you have to consider that, by restricting them, you limit what can go wrong _and_ what can go right. Limiting bright kids in their development is an effective way of turning them into trouble kids.

Re:I wouldn't do it

[westlake]

I'm not saying limiting what children can do is a Bad Thing, but you have to consider that, by restricting them, you limit what can go wrong _and_ what can go right. Limiting bright kids in their development is an effective way of turning them into trouble kids.

These are decisions for schools to make.

These are decisions for parents to make. They are not decisions for you to make. This is where the Geek goes wrong.

Re:I wouldn't do it

[nahdude812]

You're supposing that the things that these schools are trying to block access to are not learning.

I trust the school to make this decision more than I trust the kids. At work, if a site is blocked by our proxy which is legitimate, we can request that it be unblocked, and typically this is done within the same day, often within an hour of the request (unless its borderline, then it is escalated). I'm presuming that if a student contacted the administration with a compelling reason to unblock a site, that it would be (certainly if this is not the case, it should be), but I still trust the school to consistently make better decisions on this front.

Re:I wouldn't do it

[phantomcircuit]

I am legally required to be in school.

If I am legally required to be in school and what I am learning is censored.

Then how can I hope to learn the truth?

It's up to you...

[Helix150]

Legally, create an AUP which people must click through that basically says you wont use the site to do anything bad, surf porn, etc. IANAL tho.

Morally though, that only you can answer. You bothered to ask, so that may be your answer right there. Personally I think school filters are annoying and pointless, because everybody assumes that the second you turn 18 you somehow become magically mature enough to handle porn/violence/cigarettes/lotteries, things which you apparently couldn't handle at 17.995. Schools just want to cover their butts and I can't say I blame them. However our society as a whole is increasingly becoming a nanny-state where people must be 'protected' from 'bad things' rather than educated about them and informed on how to protect themselves or make good choices.

Realistically though, whoever runs IT on the school probably isn't stupid. If they see a bazillion hits to the same site they'll probably check it out, and figure out what it is. At that point it gets blocked. And if you don't use HTTPS, they can just traffic sniff it.

What I would do is make the site go HTTPS immediately, and the resulting page looks like a search engine, and function like one with a google API or something. Have your friend encourage everybody to use it as a search engine as much as possible, so the resulting traffic spike doesn't look suspicious. However script it so if you search for a particular string of terms (IE the password of the week) it dumps the facade and takes you to the proxy page. Also have a cookie so if you manually punch in the address to the proxy page w/out first searching for the password, it takes you back to the search page. This should make it last quite a bit longer.

Censorship? C'mon, now

[svunt]

There's a big difference between you doing this for some Chinese students who have 90% of the web blocked, but blocking myspace/messenger at schools is NOT about censorship, it's about saving PCs and bandwidth for people using those facilities for their fucking educations. There's no 'sticking it to the man' getting around a myspace block, you're not freeing the masses from tyranny, you're helping to fuck things up for people using school resources for school.

My advice, don't be a dick, if people need their goddamned myspace they can buy a computer and an internet connection. I get sick and tired of waiting in a queue at uni to use the library catalogue because every 18 year old tool is busy "LOL ASL"ing away on the machines my fees pay for.

Ah, that rant felt gooooood.

Morality is relative.

[subreality]

What sounds better to you?

* Children should be raised in a sheltered environment, so that they don't encounter controversial opinions they might not understand without the proper context.

* Children should have free access to information, and shouldn't get a rose-tinted view of the world. The only way they'll get the context to complex issues is by being exposed to discussion about them.

Or another pair:

* The law should be respected regardless of if you agree with it, because it's the foundation of civilization.

* What's right and what's legal aren't always the same, and I prefer to do what's right.

I think that someone who believes in any of the opinions above, and lives by them, can be a moral person. You need to think about what YOU believe in. We can't answer that for you.

From the school IT perspective...

While I will not answer to the legal or moral aspects of this question, working as a system/network/security admin in a K-8 school district I do have an opinion.

As with many places these days IT departments (if there even is a department) in k-12 educational facilities are understaffed, under-funded and over worked. This is not a complaint this is just stating the facts. There are several districts that I can think of off the top of my head that do not have a full time technician or administrator. The care of IT systems is left to the librarian, math teacher or whomever is the most "technically inclined" teacher or staff person in the building. They will get paid a couple grand to do this as well as their main job of teaching. The main work is left to consultants who might be good. But nevertheless are only onsite when called for. This is not the description of some poor district in "Middle America" either. (No offense to the poor districts in Middle America) For the districts that or fortunate enough to have an IT department the staff is busy with the maintenance of the districts networks, systems, training users, etc. There is little time left to monitor the browsing habits of a 14 year old. We rely on content filters with updated rule sets and teachers who spot a kid doing something bad in class.

I would humbly request that you do not open yet another proxy. That will eventually end up on my content filters list. But students these days are not looking for free access to information. They are looking to bully the kid next to them. They are looking to surf sites that no 14 year old should be on or play games during class because they are too important to learn.

I am all for students pushing the edge and learning. I applaud the first kid who figured out that a proxy would work on content filters. If they figured out why I would even be happier. Heck I would explain it to them if they asked.

Hopefully someone reads this and figures out that it would be nicer to help out the school district in their area versus work against it. It has a hard enough time educating your children or friends. Why make it work harder than it reasonably needs to?

Just study harder and leave the web for college...

[sjs132]

I work for a HS... We have filters and such because we are REQUIRED by law... Because somewhere along the line, the overwhelming majority of your parents thought it was a great idea to keep you safe from all the CRAP that is 99% of the internet.

It Pisses me off to no end when little snaughts think they are hot just because they can find a proxy and surf myspace or adult sites.

(Yes, after 7 years in HS and 5 yrs before in college support, I've grown cynical of the crap that is turned out as brains...)

MySpace and other social networking sights (yes, this is gonna be a blanket statement) are worthless and BAD for children. I don't care about the age 18 thing.... If you need "faceless" friends that bad, then purchase your own pipe at home and surf from there... but considering that we are ALL paying for the internet in schools (Universal Cost recovery Fee/tax on phone bills) then it is a waste of my time and the money of the tax payers for you to be using it to watch the latest viral video advertisment from coke or pepsi. (Product placement... watch for it...then ask how many of those vids are "REAL") Or looking for boobies on myspace or google images.

I admit that there are some legit uses for a proxy... like if you live in China or some country where access to books and information is banned by the gov, etc.. BUT, using it to bypass a school filter is NOT a legit reason.

The second reason the filter exists is because you should be LEARNING! Not learning how to hack/bypass things, but shit that matters.... This is one of the reasons (IMHO) why we rank so low on the global education scale... The internet should NOT be in cassrooms, Computers SHOULD NOT be in classrooms. Maybe a computer teacher with overhead and possibly smartboard, but nothing else... Have a few labs for the classes teaching computer software @ HS Level and a bank in the library... As it is now, 4/5 computers per room results = teacher that cant watch and guide the kids to use the internet in any responsible manner.

Get a life... Go HOME to get your vids/kicks and actually LEARN in school... When you get to college, you can waste YOUR parents money on MUDS and MOOS and I don't give a crap. (Ok, that gave away what I did in college...)

Most important, RESPECT the schools computers, we are just trying to do our job, and follow the rules that have been laid down by your parents! (And they supposedly care and love you...)

Re:High School

[BrokenHalo]

He's a Slashdotter, why on Earth would he ask someone who knows?

But he asked what was the *moral* thing to do.

In which case I would have thought a lawyer would be the last person I would ask... ;-)

Boarding schools?

[tepples]

I would want to know if the school's action was blocking all student access to certain web sites (constituting undue censorship) or simply causing students the inconvenience of having to wait until they got home In some schools, the students can go home only every six weeks if that often. On-campus housing is more common at universities, but some K-12 schools do operate this way. Is there a way for a given high school student's parent to override this block?

or to the library Some of these proposed bans apply to school libraries and to public libraries as well.

Re:Mod parent up, please

I like how you blame the IT dept of your school for the blocking. At the company I work for one of my duties is to run the web filtering program. I also approve or deny site access requests. If it was up to me there'd be no active blocking just passive monitoring at the most. But since I don't run the company I just do as I am told. Maybe you should learn that sometimes people have to do jobs and job fuctions that they don't call the shots on.

As a student and worker

I worked as a student technician at my highschool for the entire time before I graduated (four years). I worked doing everything and had seniority on most of the other people in the district. We're a fairly large district, my highschool had around 1600 people. I was paid, so it wasn't a volunteer thing.

The IT people hated the filters more than anyone because we all thought it was pretty stupid. I setup a CGI based proxy for a few of my friends and told my boss about it, my boss told his boss, pretty soon the entire IT department was using my proxy to access Fark and other sites their own filters blocked (the exception being the internet services division who had their own VLAN that was not behind our firewalls).

The point is, the IT people don't give a rat's ass to a large extent, because most (if not all) in my experience think it's a stupid idea to begin with because we know that smart kids will find ways around it. It's the administrators, those same administrators who wonder why not all spam can be blocked, who try to get us to block everything.

On the legal side, I'd get a lawyer and fashion a quick clickthrough. I'd make it hard to find, make it use SSL, and preferably have it available on multiple IP's and hostnames, change the hostname used every once in awhile to make it harder to find.

Personally, I see no ethical problems.