Thursday, January 04, 2007

On Getting to Blocked Web Sites

So, why would someone who runs a security blog link to a list of advice on bypassing web filters (see ”Top 10 methods to access banned websites”)?

Good question! Here is the answer: a large part of web content filtering seems like a bit of a counter-productive scam to me. With each content filter used, I have seen very large numbers of very annoying "false positives" (i.e. useful and harmless sites being blocked) that lead me to think of ways of bypassing them. The best analogy would be if you anti-virus solution will flag and destroy random non-malicious files every day. Would you use it? No way!

Is that a good thing? No. Is that a policy violation? Maybe. But - guess what? - once I needed to go to SecurityFocus to do my job and some dumb content filtering vendor blocked it in their default configuration as a site on "hacking" (wOw, that is deep!) This did happen a few years ago, before Symantec bought the site, but, to be honest, I never checked back whether they still block it.

Dr Anton Chuvakin