Menu
Reply
  • 2
  • 0
  • 0
cricketlover
Joining in
1,029 Views
Message 1 of 6
Flag for a moderator

Websafe and the darkweb

Is there a way to stop devices from using Orbot (or other "dark web" browsers) to get around Virgin's Web Safe filter?  Should Virgin not block this browser by default?

Tags (2)
0 Kudos
  • 8.23K
  • 512
  • 2.26K
Superuser
Superuser
1,009 Views
Message 2 of 6
Flag for a moderator

Re: Websafe and the darkweb


cricketlover wrote:

Is there a way to stop devices from using Orbot (or other "dark web" browsers) to get around Virgin's Web Safe filter? 

Yes but its complicated. And way beyond the remit of this forum. GIYF and you could start here

http://searchsecurity.techtarget.com/feature/Tor-networks-Stop-employees-from-touring-the-deep-Web

Should Virgin not block this browser by default?

For all sorts of reasons, no. Using the techniques LAN side to block outgoing connections is one thing, an ISP interfering at that level would be unacceptable to most of us.


 


0 Kudos
  • 2
  • 0
  • 0
cricketlover
Joining in
1,004 Views
Message 3 of 6
Flag for a moderator

Re: Websafe and the darkweb

Thanks for the response.  I can see that it's a tricky issue and that blocking this by default might not suit everyone.  However, is there not a way for Virgin at least to give us the option to block the browser?  Otherwise, any user can simply use this method to get around all of the Web Safe filtering.

0 Kudos
  • 8.23K
  • 512
  • 2.26K
Superuser
Superuser
995 Views
Message 4 of 6
Flag for a moderator

Re: Websafe and the darkweb

TOR and other "darkweb" software does its clever bits on your side (LAN) of the connection. By the time the packets get WAN side (Virgins bit), "standard" blocking techniques wont block them, because the traffic is indistinguishable from other data that uses the same protocol. Thats kind of the idea, and why TOR is a useful tool for journalists or political activists who NEED anonymity.

SO to block it you will need to block it on the client machine, LAN side.

VM would need to deploy huge resources to basically guess which packets of data come from such a browser and would inevitably block other traffic in the process, leading to both consumer complaints and falling foul of the regulatory framework and net neutrality rules.

As an example they could simply block SSL traffic, and that would stop most deep web stuff from working.  But it would stop online shopping, home banking and any other app that uses it (which is most things these days)

If you imagine an analogy, your asking your water supplier to supply water for a shower but not allow someone in your house to take a bath.....

 

 

 

 


0 Kudos
  • 246
  • 14
  • 70
bromham
Superfast
906 Views
Message 5 of 6
Flag for a moderator

Re: Websafe and the darkweb


cricketlover wrote:

Otherwise, any user can simply use this method to get around all of the Web Safe filtering.


Everyone who uses Web Safe needs to be aware that it's absolutely trivial to bypass it completely and it cannot be relied on as a way of censoring the Internet for your children.  Asking an ISP to block this or the other really is pointless because any teenager (or his friends) knows how to get round such blocks and there are fundamental political objections to wider censorship.

Use mechanisms like Web Safe by all means but understand that they're a partial solution at best and only effective for very young children.

[Sorry: I didn't realise this was an old thread until after I'd replied to it]

0 Kudos
  • 3.48K
  • 199
  • 974
Sololobo
Wise owl
870 Views
Message 6 of 6
Flag for a moderator

Re: Websafe and the darkweb


Kippies wrote:

TOR and other "darkweb" software does its clever bits on your side (LAN) of the connection. By the time the packets get WAN side (Virgins bit), "standard" blocking techniques wont block them, because the traffic is indistinguishable from other data that uses the same protocol. Thats kind of the idea, and why TOR is a useful tool for journalists or political activists who NEED anonymity.

SO to block it you will need to block it on the client machine, LAN side.

VM would need to deploy huge resources to basically guess which packets of data come from such a browser and would inevitably block other traffic in the process, leading to both consumer complaints and falling foul of the regulatory framework and net neutrality rules.

As an example they could simply block SSL traffic, and that would stop most deep web stuff from working.  But it would stop online shopping, home banking and any other app that uses it (which is most things these days)

If you imagine an analogy, your asking your water supplier to supply water for a shower but not allow someone in your house to take a bath....

 

http://www.theregister.co.uk/2016/01/27/nsa_loves_it_when_you_use_pgp/

Because using detectable encryption technology like PGP, Tor, VPNs and so on, lights you up on the intelligence agencies' dashboards.

Agents and analysts don't even have to see the contents of the communications – the metadata is enough for g-men to start making your life difficult.

Imagine asking your ISP to keep private your web browsing history, your emails, the content of all your instant messages, and then ask them how the Investigatory Powers Bill will nullify any thought of privacy and security you have when online. Especially when your chosen ISP is American and subject to the Patriot Act.




It's What I Do.
I Drink and I
Remember Things.
0 Kudos