[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Fwd: RE: [seul-edu] [Fwd: Child Internet protection act CIPA]]



After a little bit of research, I must say I was wrong on some stuff.
The biggest part is that since there are no performance metrics, how
complete the list is does not matter. You could act as your own list
maintainer. The black lists I was talking about are bundled into the
proxy products that most organizations use. Those products are complete
solutions, because, like I said before, those lists are considered to be
their most valuable asset. Best solution, keep your own list.
I think the biggest stumbling block for these filtering solutions is
that most products only filter web traffic. Almost all other internet
protocols can be used to transfer questionable images. That news group
mentioned below may very well need to be filtered, if someone decides
it's a good place to distribute inappropriate images. 
If you were to stick to the letter of the law, and also assume that 100%
success was required, you would basically have to close off all internet
traffic, and open only what you deem was safe. That's not required, so
if you used Squid, and create your own list as sites and problems are
encountered, and create a policy on how to deal with new site and
issues. After all that, you should be safe.

Shannon Spurling
WAN Engineer -Specialist

MOREnet, Network Services, Core Network
3212 LeMone Industrial Blvd.
Columbia, MO 65201

Main:(573) 884-7200   Fax:(573)884-6673

shannon@more.net
shannons@ieee.org


-----Original Message-----
From: Doug Loss [mailto:drloss@home.com]
Sent: Monday, November 12, 2001 9:15 AM
To: seul-edu@seul.org
Subject: [Fwd: RE: [seul-edu] [Fwd: Child Internet protection act CIPA]]


owner-seul-edu@seul.org wrote:

> From: "Kyle Hutson" <smyle@rockcreek.k12.ks.us>
> To: seul-edu@seul.org
> Subject: RE: [seul-edu] [Fwd: Child Internet protection act CIPA]
>
> >  As far as I know, there aren't any comercial packages that meet the
CIPA
> > requirements.
>
> Strictly speaking, this is true.  However in actuality, you only need
> to show a "good faith" effort towards compliance.
>
> >       I have been told that CIPA requires that you be able to filter
> > all traffic based on content, including images.
>
> True.  The biggest "gotcha" is that it includes e-mail.  Yup - that
> means you've got to filter hotmail, yahoo mail, netscape mail, etc.
> Isn't this a fun law?
>
> Actually, taking a look at what you said, a minor correction - CIPA
> includes ONLY images.  You don't have to filter UseNet's
> alt.sex.stories.  (Hmmm... UseNet - I haven't even asked anybody if
> we've got to filter it, too.)
>
> *time passes*
>
> I just checked on this - CIPA states:
>   In order to receive discounts, school and library authorities must
>   also certify that they have adopted and implemented an Internet
>   safety policy addressing (i) access by minors to inappropriate
>   matter on the Internet and World Wide Web; (ii) the safety and
>   security of minors when using electronic mail, chat rooms, and
>   other forms of direct electronic communications; (iii) unauthorized
>   access, including so-called "hacking," and other unlawful
>   activities by minors online; (iv) unauthorized disclosure, use, and
>   dissemination of personal information regarding minors; and (v)
>   measures designed to restrict minors' access to materials harmful
>   to minors.
>
> So yes, UseNet is covered - as are any IM programs.
>
> >                                         Nothing that any company has
> > out now will do that properly. Lot's of the filter companies say
they are
> > CIPA compliant, but they only meet part of the requirements, and are
based
> > on a central blacklist of sites that requires a human censor to
review the
> > content of the sites they block. Many schools are using the standard
> > blocking software as a stop gap, as proof of compliance while a more
> > suitable solution is reasearched. This is the information that I
have gotten
> > from the security department where I work ( MOREnet, a state
research and
> > education network in the Mid-West).
>
> Again, it's a "good faith" effort.  Not only are there no perfect
> solutions, but there CANNOT be a perfect solution (what's porn to my
> community may not be to yours).
>
> > We were even researching a way to provide an ISP level proxy
solution, but
> > there is nothing implementable on that scale. I believe there are
Unix based
> > solutions, so I don't know why you shouldn't be able to adapt one to
Linux.
>
> Like squidguard (Free)?  (http://www.squidguard.org/)
>
> > Biggest block to something like that is that most of these blocking
> > companies view their site lists as top secret, and would not be
prone to
> > using open source proxy's. They would be afraid that someone would
hack the
> > proxy, and sell their intelectual property.
>
> *scoff* And they call OSS a bad business model.
> The only blacklist I'm aware of is SquidGuard's
> (http://www.squidguard.org/blacklist/)
>
> > I have an idea that might meet CIPA requirements. Place rows of
large
> > mirrors behind each row of PC's in a lab, and hire someone to watch
them
> > when ever they are on the internet.
>
> *Bzzzt*  ...but thanks for playing and we have some nice parting
> gifts for you.
>
> CIPA requires a "Disabling Technology Protection Measure".  Your lab
> proctor (though probably the best "filter" in real life) doesn't
> qualify.
>
> (http://www.fcc.gov/Bureaus/Common_Carrier/Orders/2001/fcc01120.doc -
> yes, it's a MS word document - I didn't write it so don't complain to
> me.)
>
> >                             Someone else once said they thought they
> > should pre-cache the pages for the lesson, and not allow the lab
direct
> > access to the internet. Another idea would be to block all at the
proxy, and
> > only open access to the IP's and ports of the sites needed for the
> > classwork.
>
> Can you say "administrative nightmare"?  (I have an idea - let's just
> pay big bucks for Internet access, and then disable it's single most
> redeeming feature - instant access to changing information.)
>
> --
> Kyle Hutson /  Director of Technology  / Rock Creek Schools:  USD323
> smyle@rockcreek.k12.ks.us                               785-494-8591
> Actually I am a laboratory mouse posing as an engineer as part of an
>                elaborate plot to take over the world

--
Doug Loss                 Always do right.  This
Data Network Coordinator  will gratify some people
Bloomsburg University     and astonish the rest.
dloss@bloomu.edu                Mark Twain