Is that not a challenge?
The parliamentary filters bans all porn sites.
Guest network runs through the filter.
How long before someone finds one it *doesn't* block.
The Houses of Parliament's network was used to access pornographic material 30,876 times from March to October, it was revealed today. That works out at approximately five attempts to access smut per hour, with Blighty's parliamentary filtering system blocking users from viewing the content. September was the month MPs were …
To be honest, there's not much you can do about it anyway. No filter will ever be perfect.
But the alternative is "no internet access at all" which is then a problem for everything from visitors to contractors to just general contingency if the computers go down.
As someone who does operate a workplace wifi network, including guest access, I can also tell you - it means nothing. The system is for a school and it blocks ALL access to dodgy stuff, everything from Facebook to porn (kids definitely shouldn't be trying to get the latter, but also they shouldn't be able to just join the guest network and bypass our Facebook blocks!).
You know what flags the most? Contractor's mobile phones during the holidays (contractors are rarely allowed on-site in term-time, and certainly not allowed to use their mobiles when they do because of the basic child protection rules). They come on-site, can't get 4G, they need to send an invoice, check a spec, download a manual, access their corporate intranet, etc. So they ask to join the guest wifi, and bam... all their background stuff hits the filter and sets off alerts. It's not at all unusual for someone to instantly be blocked because of the number of alerts, the maintenance team bring them to the IT office, they show us their phone and the second we unlock it there's a browser with a dozen porn tabs in the background and significant history.
Sure, it shouldn't be there. Sure, you can't block everything. But it's also not necessarily the best thing in the world to just block all wifi access (they'll just do it via 4G anyway... at least going via the Wifi you can make them accountable for it if it's something really dodgy).
To be honest, with something like Parliament, I imagine there are a thousand reporters who "just want to submit their story" but aren't able to just connect to 4G from inside the massive stone walls, so they give them a guest wifi. And I don't imagine the average tabloid journalist is averse to having a phone full of porn.
Fact is - there's a block in place. This lets you record traffic, see trends, get alerts. This lets you detect and investigate the illegal stuff immediately (I should hope!). While providing a useful function to guests, and not being a way to "bypass" restrictions on the normal network (because then you'll just have everyone join the guest wifi to do their "classified" work).
So basically Parliament are letting everman and his dog bring their own porn filled devices in to use the network? I guess that explains it.
but re "certainly not allowed to use their mobiles when they do because of the basic child protection rules)"
Are these people vetted or not? Does the same go for full time staff?
You can't work for schools without being vetted. Even our access control guys / telephone guys / hole-diggers are required to be. The only exception is completely contracted-out staff under the strict supervision of already-vetted staff (e.g. Virgin Media cable pullers, etc.), which is why such work is often done when no children are present or someone literally has to stand with them at all times.
That doesn't mean they don't have a phone full of porn, though.
All member support staff and civil service staff are subject to civil service vetting, usually to an SC level, though some low grade roles only require CTC and a couple of higher roles require DV. Members are vetted privately by their own parties and are not subject to the Civil Service Charter.
"The data shows requests to access websites, not visits to them"
Oh wait, these are the same idiots who suggested it would be good if there were ways to "delete things from the Internet". Amongst other such sentences which show absolutely zero understanding of how the Internet actually works.
Presumably they also thought the request was only logged if they ended up with someones titties displayed on their £1000 15" CRT monitor which a "consultant" had said was state-of-the-art.
Only if your email is set up in a totally stupid way.
You should never just automatically pull down all images in email links
I download email headers only.
If they look OK, I grab the email (but do not auto pull down any content such as a link to an image)
I do not automatically render / process inline (or "normal") attachments in email client
Obv, for most people headers only may seem a bit paranoid, but as bare minimum users should have email set to NOT auto download images & other problem content in urls
.. but when you can get in a lot of serious trouble if any iffy content appears on your work machine, then it makes sense to be paranoid and make best efforts to sanitize emails to avoid the potential contract violation hassle
hmm, this is a bit of a non-story really I think depending on what the filters class as porn, personally, I suspect advertisements are the biggest culprit for logging a 'hit', maybe some pictures on Facebook and the like where the filters deem the image to have a lot of skin colour in them trigger quite a few hits too...
Total non-story, clearing distributed by someone who is intending to mislead the general public who would have no idea as to how web filtering works.
You pick your web-filtering hardware/IaaS/SaaS solution and by and large your vendor provides you with a pre-defined and routinely updated black-list. It's for you to white-list items that you don't think should be blocked. By default I tend to find the default black-lists to be overzealous as the vendor will likely want to play it safe, and if you've using a product from say ... Forecpoint (Websense) ... they'll not want to cause an international scandal since they're owned by a US defence contractor. Potentially very bad publicity indeed.
I can walk across my office on almost any day and I'll spot someone with a bonefide web page but there'll be a frame with an advert in it displaying the corporate policy defined blocked content message. No one is surfing pr0nz, but there are LOTS of so called genuine web media outlets which don't scrutinise the advertising space that they've resold, or the content agency they've used simply doesn't give a f***. Pr0nz ads are getting less common and embedded bit coin mining are becoming more prevalent. Just follow the money.
"but there are LOTS of so called genuine web media outlets which don't scrutinise the advertising space that they've resold"
Perhaps they should. Perhaps there should be a bit more reputational damage for sites that don't scrutinise what ends up in their advertising space. Perhaps then we'd see the ad-brokers given the damn good kicking they so richly deserve.
After all, if you can code up a Spectre attack in Javascript, ads are a pretty major security issue.
Its Parliament reShuffle day today!
A vital annual parliamentary tradition designed to shove Politicos up the ladder and make their CVs look good for all those directorships they will sit on , whilst , most crucially, making sure no one knows what the fuck they are doing because they've been in the job less than a year.
Meh pretty standard response to a weak FOI question. We get these all the time. Fishing (for once not phishing) exercises by journalists and vendors looking for a cheap easy story. Take the figures out of context, ditch the context usually provided with it and hey presto Daily Mail story.
Interpreting internet filtering reports is a bit of a black art. Over the years I've probably spent more time using them to get people off the hook than sacking them.
Obviously MP's shouldn't be looking at porn in their offices, but is it really the parliament authorities job to filter the traffic at all? When MP's in the chamber are exempt from laws such as libel, is it really appropriate to be filtering the internet to their office?
There are presumably legitimate ( although presumably rare ) reasons for an MP to be looking at legal but inappropriate material too.
An example of why an MP needs to access porn for their job?
MPs represent constituents needs, so unless there's some genuine social need for constituents to seek the Gov's help in finding "bongo-flicks", it should be blocked. I work for a financial services company and only odd request we needed to put a "hole" in the proxy filter for was for an investment manager to study some gaming sites to draw up a proposal to invest in them. Pornography, unless you're making it, staring in it or investing in it you don't need it at your place of work.
The problem with pornography is that you rely on the site owners to filter the content and judge it. Some 14 year old runaway found on Sunset Strip and offered $500 to be filmed being "probed" in all her "offices" is illegal in most countries, you watch it you're a party to child abuse. Someone finds out that you watched it on your company machines, it hits the media and next thing your company's name is mud and your investors are pulling out faster than Johnny Sins having done the deed!
Security is important in the adult entertainment industry too, so these companies hire security testers to check the security of their websites. I've had to sit in an open plan office working on porn and other sites that would usually be inappropriate to view in the workplace at the direct instruction of my boss.
The only example I can think of is that owners of pornographic websites are constituents of MP's too.
I'm not sure exactly what that case would be in that situation, but it shouldn't be the parliamentary authorities place to decide whether there's a case for accessing that material or not. It's not a traditional employer / employee relationship.
"The figures are down on 2016, when 113,208 access were made - indicating a continuing trend of either greater care or loss of libido on the part of MPs."
Or maybe last year's 113,208 passed the word around when they found the filter, and only another 30,876 have tried this year.
"The figures are down on 2016, when 113,208 access were made - indicating a continuing trend of either greater care or loss of libido on the part of MPs."
Or maybe last year's 113,208 passed the word around when they found the filter, and only another 30,876 have not found the proxy settings yet?
Or maybe the filters are now up to date and not blocking as many sites because some are actually not pr0nz at all?
The figures are completely meaningless and totally subjective, and only reflect the sensitivities and the accuracy of the small number of individuals employed to come up with a black-list to push out to customers devices or services. Many URLs won't have even been visited by the vendor of the filtering product or service to confirm the real nature the content - they couldn't possibly visit every site. They may also be blocking based on URL string alone. There are plenty of web-pundits that publish to the blog-o-sphere and think it highly amusing to put their content behind a risqué URL, coz they think it's clever - only for it to be blocked by most filters by default and then wonder why they don't get any hits.
They could keep all of parliaments internet connection records and make them public so that the people that elect these officials into office can vote out all the lazy MP's that are watching porn all day. (at least I hope that's all they are doing at work...)