03 May 2013

Internet Filtering Series -- Part II

When discussing the possibility of Internet filtering, many impassioned arguments are made. This part is short and will merely present a sampling of the arguments for and against the implementation of Internet filtering.


  • Websites that contain spyware, adware, or otherwise damage the security of a given computer network can be blocked, thereby reducing the risks that come with infiltration and damage from the outside. This is particularly notable given how many attacks use and/or rely upon social engineering techniques to execute. 
  • Businesses and other organizations may desire to save network resources for business-related activities. Blocking sites that waste time or are not productive for workers to visit while on "company time" can help increase productivity and show that they are serious about acceptable-use policies that aim to prevent damage, data leakage, and harassment against customers and other workers. 
  • Some people believe that certain sites are harmful to society and should not be accessed, and in a society that does not mandate that said sites cannot be taken down, blocking access is a more feasible vehicle. An example of this occurrence can be found in religious groups that wish to censor sites that are deemed "blasphemous" or "sinful." 
  • Children can be prevented from accidentally gaining access to content that is objectionable, inappropriate, or harmful for their age level.   


  • In the United States, Canada, and many other Western nations, there exists a broad principle of "freedom of speech." When filtering is encouraged or mandated by law, there exists a real concern that the government may be implementing or mandating forms of censorship on all of its citizens and thereby abridging the civil rights those citizens have. While it is true that this doesn't usually extend to private companies, sometimes people will see a company being legally obliged to put filtering in place as abetting or supporting censorship. 
  • Filtering is not a foolproof technology, and legitimate concerns about websites with no clearly-objectionable content being erroneously blocked--or the reverse where objectionable sites that should be blocked are not. Further, there's always the possibility that technically-savvy users may be able to just circumvent it anyway and manage to mostly "cover their tracks." Another concern is that many filters do not effectively block HTTPS connections, so if a site has both "regular" and secure versions of their site, the secure address may not be blocked. 
  • Placing filtering in a business may be seen as a draconian measure, particularly if the filtering is suddenly tightened as a result of some internal incident. End users may be irritated at management or the IT staff (think of the epithet "Network Nazi"), and fear that management is seeking to monitor their every move. The result is that there is a risk of lowered morale among staff. 
  • The deployment and maintenance of filtering solutions can be cumbersome and/or expensive, particularly with larger-scale and complex networks. Client-side and DNS solutions may be impractical for a larger company to deploy and maintain, even if they're configured for roll-out through the network itself (e.g. deployment through Active Directory's Group Policy).
Go back to Part I

Go to Part III

No comments:

Post a Comment