Re: Redirect HTTPS with Squid3+Squidguard

To: debian-user@lists.debian.org
Subject: Re: Redirect HTTPS with Squid3+Squidguard
From: Sven Hartge <sven@svenhartge.de>
Date: Thu, 26 Mar 2015 14:32:54 +0100
Message-id: <[🔎] 12bg3m53rodv8@mids.svenhartge.de>
References: <[🔎] 550F1FB8.1030309@abwesend.de> <[🔎] jbfpujsrodv8@mids.svenhartge.de> <[🔎] 20150322161031459610300.NoCcsPlease@bob.proulx.com> <[🔎] kbfqc92rodv8@mids.svenhartge.de> <[🔎] trinity-16611559-8bb9-4e79-9f61-9b027df65c5b-1427099581524@3capp-gmx-bs01> <[🔎] slrnmgvmdm.5bu.liam.p.otoole@dipsy.tubbynet> <[🔎] lbfrnnsrodv8@mids.svenhartge.de> <[🔎] 55109358.7080509@abwesend.de> <[🔎] mbfu3k3rodv8@mids.svenhartge.de> <[🔎] 20150324153518514183009.NoCcsPlease@bob.proulx.com> <[🔎] 5513EE85.5060908@abwesend.de> <[🔎] 11bg3gmtrodv8@mids.svenhartge.de> <[🔎] 551403F7.7080505@abwesend.de>

Michael I. <linux-michael-i@abwesend.de> wrote:
> Sven Hartge <sven@svenhartge.de> wrote:
>> Michael I. <linux-michael-i@abwesend.de> wrote:

>>> But I have a new problem, I want to have a transparent proxy for
>>> http this works fine but when I add the iptables rule for https the
>>> loading won't work.
>>
>> Of course not. That this is not working is the _whole point_ of any
>> end-to-end encrypted connection.
>>
>> What you are effectivly trying to do is an Man-in-the-Middle
>> "attack".

> All I want is to protect children of harmful content (adult content).

You have already lost. If you build walls around content you don't like,
your children _will_ find ways of accessing it some other way. Besides,
all younger children (younger than 12/14 years) I observed surfing the web
don't have any direct interest in "nudity" anyway. And if they stumble
upon such an image the reaction was "eww, gross" and a quick click on
the "Back"-button. And older children, after starting puberty, already
had several access methods for "recreational pictures", mostly through
friends.

There is no way of protecting your children by technical means without
going down a rabbit hole of problems and inconveniences.

Educate them, supervise them. There is no other way.

By building a "STOP sign" in front of things you only heighten the
curiosity.

If your children are too young, they shouldn't use the Internet without
a parent (or other trusted person) present anyway.

If they are old enough, you have to learn to trust them and exersice
other disciplinary consequences if they do things they should not do.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Reply to:

Follow-Ups:
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>

References:
- Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Bob Proulx <bob@proulx.com>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: linux-michael-i@abwesend.de
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Liam O'Toole <liam.p.otoole@gmail.com>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Bob Proulx <bob@proulx.com>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>

Prev by Date: Re: Redirect HTTPS with Squid3+Squidguard
Next by Date: Re: Redirect HTTPS with Squid3+Squidguard
Previous by thread: Re: Redirect HTTPS with Squid3+Squidguard
Next by thread: Re: Redirect HTTPS with Squid3+Squidguard
Index(es):
- Date
- Thread