- Scenario 1 – A repressive government controls all Internet access. Its citizens cannot get to information on religion, democracy, or any site that might be critical of that government.
- Solution – A distributed system of web proxies enables the people of the repressed country to effectively bypass the filters, allowing them access to information that the government had deemed subversive.
- Scenario 2 – A school district employs web filters in compliance with federal mandates to prevent students from accessing inappropriate websites.
- Solution – A distributed system of web proxies enables the students to effectively bypass the filters, allowing them access to websites that the district had deemed inappropriate.
This leaves me in a bit of a quandary. I fully support the efforts of a repressed citizenry to gain access to information. I am totally against wholesale censorship. However, I am tasked with making sure that our students don’t access inappropriate sites while at school. Philosophically, I can support both positions. What is appropriate for the population at large isn’t necessarily appropriate in a school setting.
The same method for circumventing these filtering efforts applies for both scenarios. A web proxy works by providing a form into which a user types a URL which has been blocked. The proxy site then displays information from the blocked URL. The only thing that the filters see is traffic between the user and the proxy site, and not the forbidden site. Our web filtering system now devotes about as much of its resources to blocking proxy sites as it does to the sites themselves. I’m sure that these repressive governments (Burma, China, etc) spend just as much time blocking proxies. The problem is that it’s a constant battle and a losing proposition, especially in the case of proxies as opposed to blocking regular websites.
Web proxies are trivial to configure and set up. All you need is an Apache server, PHP, and the right script, and you’re in business (and, no, I’m not going to link to any of those resources here.) I was even able to configure a XAMPP Lite server on a thumb drive with a proxy script, effectively turning any computer into a web proxy. You don’t even need a URL as long as you know the IP address of the server.
When I first discovered the XAMPP setup, I nearly panicked. To me this meant that a kid could potentially fire up any one of our computers with a data drive and turn it into a proxy. However, in order to work, the proxy MUST be on the open side of the filter, ie outside the school district or repressive country. A student might still be able to set up a proxy on their home computer. Those in repressive countries must reply on the support of others in unfiltered areas.
Normal websites rely on constant up time in order to be effective. They must constantly be available should someone want to visit the site. Web proxies, on the other hand, need only be activated when needed. Therefore, these phantom proxies are much, much harder to detect and block. If a kid has a proxy running on a home computer, as described above, it’s only running while the kid’s computer is turned on. Also, if a DHCP server is in place, the IP address might change on a regular basis, making it even harder to locate the proxy unless you know exactly where it is.
So, what can a beleaguered tech director do? As I stated in a recent meeting with our school principals, this must be viewed as a discipline and policy issue and not a technology issue. Students must be taught media literacy skills and appropriate behavior while online. Consequences should be in place for those that fail to abide by policies, and these should be applied consistently. Teachers and administrators must monitor students’ use of computers, and not rely on filters to do the job. The only way to make filters completely reliable is to shut off access to everything, in which case the school districts come to more closely resemble those repressive governments.
[tags]instructional technology, edtech, censorship, filtering, proxy, proxies[/tags]