Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Best Way To Block Web Content?

Posted by samzenpus on from the what-has-been-seen-cannot-be-unseen dept.

First time accepted submitter willoughby writes "Many routers today have the capability to block web content. And you all know about browser addons like noscript & adblock. But where is the 'proper' place for such content blocking? Is it best to have the router only route packets & do the content blocking on each machine? If using the content blocking feature in the router, will performance degrade if the list of blocked content grows large? Where is the best place to filter/block web content?"

6 of 282 comments (clear)

  1. Best way to filter web content: by Anonymous Coward · · Score: 5, Funny

    Unplug your modem. Internet is now filtered. Enjoy your day!

  2. Nice Try China! by eldavojohn · · Score: 5, Insightful
    I'd suggest paying a lot of money to Blue Coat to do deep packet inspection so none of that content sneaks by.

    Or, perhaps, sitting down with your users and discussing with them how to surf intelligently and safely.

    And you all know about browser addons like noscript & adblock. But where is the 'proper' place for such content blocking?

    If you're talking about adblocking, the 'proper' place is at your visual cortex where images are processed -- and I know I'm alone in that unpopular view. Blocking ads is like throwing a soda can out a car window in that if one person does it, it's not a problem and it appears to benefit them modestly. But if everyone does it, it ruins the very thing you're enjoying. I can understand why you'd do it if the ad was a massive flash blob but many ads by Google or just images aren't resource intensive.

    I've clicked on ads and purchased something twice in my life from ads on a site. Once it was cheap shirts with funny designs on them (I needed new gym shirts) and the other was an eBay auction with a Buy It Now price lower than what I was looking at on that site (not sure how that works). I consider myself a pretty sophisticated person who is "above" advertising but anecdote-wise it's worked on me twice that I can think of. Removing that rare occurrence completely ruins the revenue model.

    --
    My work here is dung.
    1. Re:Nice Try China! by Anonymous Coward · · Score: 5, Informative

      This is one of the things the internet was built upon.

      This is patently false. The internet, and before it the countless BBS services, was built on freedom and idealism. A server operator would pay out of pocket for their hobby and users would either access it for free, pay membership fees, or pay 900-number dial-in fees. The early internet had no ads because it was a hobbyist driven system. Not until the mid 90's did the internet monetize.

    2. Re:Nice Try China! by just_a_monkey · · Score: 5, Interesting

      I am continually surprised that it is still legal to block ads, and that there is no visible movement to make blocking illegal. Not even any pervasive "The websites must be able to make money on what they do!", "Blocking ads is like stealing from the websites!" or "You wouldn't watch a movie/TV-show without watching the commercials" campaigns.

      Google and their customers must not have as good lobbyists as Hollywood.

      --
      How inappropriate to call this planet Earth, when clearly it is Ocean.
    3. Re:Nice Try China! by Jah-Wren+Ryel · · Score: 5, Insightful

      Removing that rare occurrence completely ruins the revenue model.

      GOOD! That revenue model is the single largest driver of the internet surveillance state. It is difficult to imagine an funding model for the internet with worse social costs. The sooner it dies, opening the door to replacement systems that are less invasive the better off we all are.

      --
      When information is power, privacy is freedom.
  3. Re:What about SSL? by myowntrueself · · Score: 5, Informative

    How would you like to filter out SSL traffic on a intermediate device? Do you have access to fake CA certificates recognized by the majority of web browsers?

    No problem if you use active directory group policies and a squid proxy with ssl-bump and dynamic generated certificates.

    Simply use a group policy to push the proxies cert out to the workstations as a trusted root certificate. Problem solved.

    Now you can filter out naughty HTTPS sites. Also anyone with root access to the squid proxy can extract all kinds of interesting info from the users HTTPS sessions and manipulate them in interesting ways. And the only way the users would know is by manually checking the certificate. "Whats this Google certificate doing being signed by '*'?"

    When you do this using Microsoft TMG theres a big red warning "You may want to check the legal implications of what you are about to do".

    --
    In the free world the media isn't government run; the government is media run.