Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: How To Best Setup a School Internet Filter?

Posted by samzenpus on from the watch-how-you-play dept.

An anonymous reader writes "I was recently volunteered to be the network/computer admin for a small non-profit school. One of the items asked of me had to do with filtering inappropriate content (i.e. stuff you wouldn't want your mother to see). Essentially we want to protect people who aren't able to protect themselves, at least while on campus. Basic site filtering is fairly easy — setup squid with one of the many filtering engines and click to filter the categories your interested. Additionally, making the computer lab highly visible uses public shame and humiliation to limit additional activity. The real question — How do you filter Facebook? There is a lot of great content and features on Facebook, and its a great way to stay in contact with friends, but there is also a potentially dark side. Along with inappropriate content, there is a tendency to share more information than should be shared, and not everyone follows proper security and privacy guidelines. What's the best way to setup campus-wide security/privacy policies for Facebook?"

11 of 454 comments (clear)

  1. Don't by Simulant · · Score: 5, Insightful

    Just block it all together. Not worth it.

    1. Re:Don't by ThatsMyNick · · Score: 5, Insightful

      Or whitelist a few websites and be done with it.

    2. Re:Don't by Anonymous Coward · · Score: 5, Funny

      Um, so, teenskissingtheirpussies. Linky??

    3. Re:Don't by cayenne8 · · Score: 5, Interesting

      I work at a college and we do no filtering of any kind due to academic freedom. There are issues from time to time but it is tolerated in the name of freedom.

      I guess the person asking the question didn't specify, but I was under the assumption that this was for an elementary level type school....so, you're policing children, and you'd likely start with things mostly turned off, and then let on what you needed as required by the instructors.

      Also, if that is the case...wouldn't most of these kids be too young to have FB accounts per the TOS for Facebook? If that's the case...no problem in banning FB entirely, eh?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    4. Re:Don't by Anonymous Coward · · Score: 5, Insightful

      I guess the person asking the question didn't specify, but I was under the assumption that this was for an elementary level type school....so, you're policing children, and you'd likely start with things mostly turned off, and then let on what you needed as required by the instructors.

      Back in the mid-1990s when I was at the elementary school level, we had a 10BASE2 coaxical network and an unlimited Internet access. And oh boy did we find lots of both questionable (nude, porn) and illegal content (games, software and MP3s were already flooding to the websites from the soon-to-be-legacy private BBSes and FTPs), and guess what all that did to me? Nowadays I post anonymous comments to Slashdot, have a job and pay my taxes (oh, and MSE in the works).

      So, unless you want your kids to grow up as future Slashdot users and engineers with university grade degrees, block everything (I mean *everything*), throw them to your basement and never open the door. Everything else is just plain stupidy and both wasted time and effort.

  2. Who decides what's "inappropriate" by Anonymous Coward · · Score: 5, Funny

    My mother was a porn star. There's not much that I wouldn't want her to see.

    Slippery slope, my man.

  3. Re:lulz. good luck by LateArthurDent · · Score: 5, Interesting

    In a word, don't. Unlike adults, teenagers won't have any qualms about bypassing your filtering. They'll use proxies. Tor. Thumb drives with other operating systems on it. Mobile phones. Secret non-broadcasting wifi networks.

    Honestly, that's almost a good argument for implementing filtering. It challenges bright people to come up with clever solutions. Then they'll grow up with an interest in computers and networking, as well as a healthy distaste for censorship.

  4. Good Kids by dark+grep · · Score: 5, Insightful

    Many years ago I connected an Internet feed for a private girls school - a very conservative, christian, and very well respected one - in Sydney. During the setup I was talking to the Headmistress about if she had any concerns regarding the content the girls might access. I thought her response was particularly enlightened; her comment was something like 'Whatever you try to restrict will make them want to access it more, which they will do secretly and unguided. If we don't make any restrictions then it will never be a big deal, and anything they feel uncomfortable about they can discuss with their teacher. Good kids will know to do the right thing, and all our girls are good.'

    If I had a daughter, I probably would have sent her to that school.

  5. Re:opendns by Anonymous Coward · · Score: 5, Informative

    OpenDNS is a huge scam - right up there with all the other Bait & Switch slime.

    It used to be free, our public library used them to filter porn so that they met the basic filtering requirements in order to get Federal grant money.

    Then OpenDNS said no more free filtering - all right, everyone needs to make a buck or two right?

    So how much for 50 workstations - $1250/year (and that's with a non-profit discount) - for DNS service.

    Yeah, going from free to outrageous isn't exactly a viable business plan.

    DynDNS offers pretty much the same thing (i.e. category filtering) for $20/year - guess which plan the Library went with?

  6. Re:opendns by Anonymous Coward · · Score: 5, Insightful

    You're god-damn right it was a scam. The main part of OpenDNS that pissed me off was their filters were created and filled BY THE USERS. And now they're charging for something they got for free. We thought it was going to be a symbiotic relationship but it ended up being a parasite.

    How much for a business with 200-220 PCs? $3000 a year.

  7. The unfortunate reality comes down to liability by Voyager529 · · Score: 5, Insightful

    Yes, there's going to be a group of kids who are more determined and resourceful than the person asking. In a nontrivial number of cases, they're called "future sysadmins". That's not to say that they'll all do so or that it should be a motivation for whether things get filtered at all, but it is a byproduct worth mentioning.

    That said, you raise an argument of questionable logic. Essentially, you've stated that because he CAN'T block EVERYTHING that he SHOULDN'T block ANYTHING. That's not really the way things work in K-12 education. See, if it takes a proxy, a VPN, and a memorized IP address to get to content deemed inappropriate by the powers that be, then anyone who has gotten to it has shown clear determination to do so. Thus, it's significantly easier for the IT staff to say "We have had filters in place from the get-go that block this content. This student used an incredibly elaborate method to get around these filters, and this method no longer works as we've updated our filters to accommodate it" and thus place blame squarely on the student for determination and intent. Using your method of leaving the floodgates of the internet opened means that answering to those same people when a student accidentally stumbles upon objectionable content will sound like, "we don't have any filters because they don't work 100% of the time". Reference-free job hunting starts in the morning.

    If a student wants to get into the building after-hours and orders his own RFID card off the internet and programs it to minic another card to unlock the door, it's going to be much tougher for the school to sue the security company than if the security company left the doors open 24/7 because there are 20-foot high windows.

    Sure, students will bring in their issues of Penthouse or USB sticks with the contents of the latest pr0n torrent if they're determined to do so, but once again, it's how and where. A student walking into school with Penthouse in his backpack didn't get it from the school, therefore the school can't be held liable for the actions of the student. If the student downloaded an issue of Penthouse on a school computer, by contrast, now the school has made possible something that (for the sake of argument) the parents find objectionable and it's easy to point the finger at the IT admins since even a basic content filter would have mitigated the issue - or at the very least raised the barrier to entry significantly such that the IT staff can once again say "we can't block everything, but the filters do block all but the most determined attempts to get where he got" and absolve themselves from responsibility.

    Yes, supervision absolutely needs to happen. The original post explicitly asks how to make supervision easier for that very reason. The question being asked isn't how to replace adult supervision with a technological solution, it's how to assist the teachers and try to fill in the gaps for the moments when the teacher is focusing on student #1 who happens to be seated at an inconvenient angle to observe student #2 doing the same thing.