Proxy Sites Offer Secret Passage to Myspace 330
JafSquared writes "As sites like MySpace.com gain popularity in young adults, schools all over are finding that taking measures to keep kids blocked out of these websites is becoming increasingly difficult. As this hype continues, proxy servers such as "Box of Prox" are springing up like wildfire. While system admins furiously work to diminish the strain placed on their school's local networks from sites like MySpace, these proxy sites are enabling easy access to restricted areas. However, schools aren't the only places that are feeling the heat. Proxies have also been becoming a bit of a complication in the workplace. To the more advanced user, the proxy server can become a tool for malicious intent as this article, delivering an anecdote with the termination of an employee, so poignantly details."
Next it will be SSH tunneling... (Score:5, Interesting)
Not really a new problem (Score:3, Interesting)
When I was in school (5 years ago), schools were trying to block well known proxies, but were unsuccessful at blocking those of us with 'home brewed' proxy servers. This wasn't really such a problem, because the policy was "get caught looking at sites x, y or z and you lose your computer privileges", why does this approach not work with advent myspace et al?
Proxies aren't such a big deal anyway, I worry more about the possibility of a savvy user with a bootable USB flash drive and OpenVPN.
I used to run one of these. (Score:3, Interesting)
Re:Restrictions are evolutionary pressure (Score:1, Interesting)
news? (Score:3, Interesting)
Seriously, I can't be the only one here who wrote a CGI proxy server so that I can get around censorware (like BESS) while in high school. I even sold access to it to my fellow students!
Code is simple:
# fetch the url specified after the "?"
# prepend the url of the proxy to all link tags
# print the page out to the user
So all you have to do is run apache with this CGI from home, and you never have to worry about censorware again.
Re:host (Score:3, Interesting)
Re:welcome to 1995? (Score:3, Interesting)
The case, of hiding your web travels while at work, was mentioned in this article [pcworld.com] which was cited in the post.
You'll note that, though the company did find out where their fired employee was surfing the reason for his dismissal was the use of the web anonymizer to hide his tracks in the first place. There is a simple rule known by anyone who is a parent. If there isn't any noise then the kids are probably getting into trouble. Take note of that when you choose your stealthing tools.
Re:Opt-in, not opt-out (Score:1, Interesting)
And yes it does limit doing research.
Re:Proxies? (Score:3, Interesting)
Have only a list of acceptable sites. when blocked put a link to submit for approval and teachers in the class or room can click on the link they wanted, view that it is not a backdoor to myspace or someplace inappropriate and then click "allow" which add's it to the whitelist.
simple works great and has near immediate access to sites not on the whitelist.
Too bad most schools cant afford IT staff that has the brains to do this stuff. They have to spend all that cash on the sports programs!
Filter Complainer (Score:4, Interesting)
What did this program do? It ran in the background, monitoring Internet Explorer's address bar (couldn't find a nice API for Firefox, but mozilla.org was blocked anyway). When it detected that the proxy had taken over (http://www.lghs.net?blockedsite=mozilla.org&reas
(Yes, I know it's probably not moral to use school computers for this. Yes, I know he could have created an email filtering rule to send the messages to the trash. I liked it, and so did the users. *Shrug*.)
Re:What?!?!?! (Score:3, Interesting)
You've hit the nail on the head; it is the 'not liking kids doing anything' that causes ADHD.
Re:Students vs. Public Schools (Score:3, Interesting)
Re:Students vs. Public Schools (Score:3, Interesting)
I'm not the grandparent but I can respond to this. The way most K-12 systems are setup this is largely unavoidable. All computers are on one network within each school building. I know in the system I worked for most schools had one router and a class C of address space. The Internet access was provided by the state, and all sites ran through central office and through a firewall there. There was no way to provide completely seperate VLANs and routing because the state controlled the core routers and wouldn't do so. Our policy was that bookkeeping and other critical systems were kept off the network unless absolutely necessary.
Personally I wanted to use cheap Linux boxes as NAT routers/firewalls and put the entire office of each school behind one but that never came to be. It also never will, the system eliminated my position so now there is no network admin. Things will start falling part soon because I was the only person there who knew how to run most of the stuff I had implemented. (Which also greatly stabilized the network from how it was when I started. They had no network admin when I started either.)
Well yeah, but welcome to the reality of K-12 school systems. Often the network admins hands are tied by arbitary crap that's decided upstream. Even the most competent network admin can't do shit when they can't change parts of the network or the system refuses to buy the necessary equipment to implement even the simplest, cheapest solutions.
I can tell you've never worked IT in a K-12 system, and so can anyone else who has. I've done systems and network administration for years and in places other than K-12, and K-12 is an absolute nightmare. The students are your enemies, there's no two ways around it. It's not all of them, some are simply curious, some really want to learn but quite a few simply want to do whatever the hell they want to do, when they want to do it, and don't give a damn about learning anything that they don't need to know to access their game/porn/social networking site. They'll damage software installs if they can, they'll hose profiles, they'll screw up entire labs to the point of near being unusable all so they can play a game. I've encountered every one of those situations, and it's very hard, and very time consuming to get ACLs and permissions exactly right on every single point of attack that they'll use. (Also keep in mind that in my case I had 18 sites to deal with and was the only network admin. A lot of time I simply didn't have time to get all the fine details exactly right because I had fires to put out in other schools.) They also use attacks that you'll never see anywhere else, and frankly it's amazing and scary both. If these kids would bother to direct that intensity at learning they'd probably end up being brilliant, as it is they're generally hardcore slackers who don't care if they get suspended or expelled as long as they can play their game one more time.
I don't think it's necessarily bad to teach network programming to sophomores, but you don't know the realities of K-12 network administration at all or you'd understand why the grandparent said it was a bad idea. It IS a bad idea the way most K-12 networks are forced to be designed, and until that part is fixed (and you'll have to talk to people much higher up the chain than your local system to get that fixed, like your state congresspeople) it will remain a bad idea.
Re:Not really a new problem (Score:3, Interesting)
Because before the first month of school was over with nearly every student in the school would have lost computer privileges. Kids are so fucking desperate to access MySpace that they completely ignore all the rules and keep hunting for new and creative ways to do so. It's like a drug or something and they experience withdrawal if they can't access MySpace every other hour or so. (Really all your friends are in school too, has anything really happenned to any of them while you're all in school?)
That's easier to defeat than proxies actually. Just lock down BIOS settings and password protect them from being changed. Proxies keep popping up all the time so they're harder to defeat.
Re:What's so difficult? (Score:3, Interesting)