Re: Using squidguard blacklists in skolelinux(.de)

To: Ralf Gesel|ensetter <rgx@gmx.de>
Cc: debian-edu@lists.debian.org
Subject: Re: Using squidguard blacklists in skolelinux(.de)
From: lists@dirkgomez.de (Dirk Gómez)
Date: Thu, 20 Jan 2005 11:44:40 +0100
Message-id: <[🔎] 87k6q81isn.fsf@dirkgomez.de>
In-reply-to: <[🔎] 200501171943.10329.rgx@gmx.de> (Ralf Gesel|ensetter's message of "Mon, 17 Jan 2005 19:43:09 +0100")
References: <[🔎] 87u0phoumj.fsf@dirkgomez.de> <[🔎] 200501171943.10329.rgx@gmx.de>

>> A better approach imho is to create a blacklist which is available
>> from the skolelinux.de site. It should just be a copy from the
>> teledanmark blacklist with possible postprocessing (e.g. removal of
>> sites that are known to be ok or adding of sites which are known to
>> not be ok).
>
> We should consider delivering the hash codes only - to evade potential 
> juristical consequences (INAL)

Could you explain please? Both legal issues and technical consequences?

>> Skolelinux installations would fetch the blacklist periodically
>> (which time intervals make sense?) and then there will be some
>
> like once a week? once a day? differences versus whole lists?

Whole lists - much easier to implement, less fragile in the long run -
bandwidth is cheap these days. Do you know how often the lists should be
fetched?

>> postprocessing as well: teachers can add whitelist and blacklist
>> entries through the webmin interface.

I suggest this approach for starters: teachers can enter domains and each white-
or blacklisted domain blocks out the whole domain. Or is this too "thorough"?
Do you need to block specific URLs?

If you use regexes to block URLs/domains you inevitably have to explain those
to users. And you also have to prepare for "weird" and "unexpected" side
effects.

A simple solution as described by me is easy to explain. It is obviously
imperfect, but no URL-blocker is perfect.

> We should consider the definition of a set of black-/whitelists that can 
> be activated one by one. Blacklists you find on the web often are 
> ckassified into
> - adult 
> - violence
> - illegal

Yes, the default squidguard blacklist is a set of files which are
categorized. One could show the categories in the webmin interface and
teachers could select which ones to use and which ones not.

> We could add a group "chat" and "mail" to disallow such services for 
> special occasions. In praxis, teachers shouldn't tweak around with 
> singular selcetions, but select one of a a list of predefined profiles
> (allow everything / ban adult stuff / kids only / ...)

I prefer this approach to offering a fine-grained selection.

I'll play around a little bit - especially with webmin - and then report back
to this list.

-- Dirk

Reply to:

Follow-Ups:
- Re: Using squidguard blacklists in skolelinux(.de)
  - From: Ralf Gesel|ensetter <rgx@gmx.de>

References:
- Using squidguard blacklists in skolelinux(.de)
  - From: lists@dirkgomez.de (Dirk Gómez)
- Re: Using squidguard blacklists in skolelinux(.de)
  - From: Ralf Gesel|ensetter <rgx@gmx.de>

Prev by Date: Re: eZ in Debian-Edu and on skolelinux.org?
Next by Date: Re: eZ in Debian-Edu and on skolelinux.org?
Previous by thread: Re: Using squidguard blacklists in skolelinux(.de)
Next by thread: Re: Using squidguard blacklists in skolelinux(.de)
Index(es):
- Date
- Thread