Some companies sell products such as this :
that any clueless user can install with the help of 3 mouse clicks on their
It autodetects proxy settings, creates an HTTP tunnel through corporate
proxy to software editor companyserver, so you can read your email from
everywhere... and so possibly the editor company or any bad guy having
rooted them get easy access to your internal network.
Wondering if some people know of some "content-aware" proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
Certainly, it will always be possible to encapsulate anything in HTML very
sharply, but some filtering could be made still?
ie, If a HTTP or HTTPS connection takes "too long" it should be dropped by
and many checks could be made by proxy to validate content, which I am not
sure are checked by products such as squid?
(Maybe even run a browser on the proxy and have it check it is able to
display what goes through? sounds a bit freak, doesn't it?)
By the way, I am really starting to wonder if running a HTTPS proxy is
.''`. | Vincent Deffontaines
: :' : Debian GNU/Linux | Network Administrator
`. `~' http://www.debian.org | Council of Europe