← Back to context

Comment by array_key_first

5 days ago

Yes, they are more sophisticated, or at least I'm assuming from how pi-hole and my workplace blocking works. Meaning, it works.

But those are not the best solutions, because of blacklisting. There are basically infinite porn websites. So, if you're going to try to block every porn website, you will lose, point blank.

So, even considering that, they do quite good. So if we just take the principle and invert it, it will be very good.

I mean, whitelisting vs blacklisting is why I am able to open my computer up to the internet via SSH. I'm not out here blocking 1 billion sites. No, I'm just allowing my laptop. And that gives me a lot of confidence, and it works.

And, I agree with culture change. But, culture change is very hard and I don't think it's something we can rely on.

4 comments

array_key_first

Reply
marcus_holmes  5 days ago

So, you whitelist Kid Internet sites, and you have a DNS server that handles Kid Internet.

And everything else is Adult Internet, and there are many DNS servers that serve Adult Internet.

You sign your household router up for Kid Internet, and it ignores Adult DNS servers, and only routes according to Kid DNS, is that right?

I can think of about 50 ways around this already, but let's assume we're not talking about anyone with any knowledge of how the internet works. So the entire household is signed up for Kid Internet, and there's no way an adult can view an Adult Internet site from this household, is that right?

  • array_key_first  5 days ago

    Well most DNS can be done per-device, just like in an IT setting. For example look at iOS. The device controls DNS, so set up little Timmy's iPhone to do Kid DNS.

    That sounds an awful lot like this proposal, right? Well yes and no. No because this would actually work. Just letting the iPhone say "im a kid" does fuck all, because all the websites we're targeting with that will just ignore it.

    And of course there are ways around this. Wanting a solution with no ways around it is dystopian. But is it a better solution than this? I think yes, it is.

    • marcus_holmes  5 days ago

      So we're locking a per-user DNS choice in?

      If Little Timmy signs in then OS chooses the Kids DNS, but if Uncle Bob signs in then it chooses the Adult DNS?

      As you say, I can see a few ways around this ;)

      Again, this feels like it just moves the responsibility for everything onto the parents, without meaningfully giving them any control. If something screws up and Little Timmy gets to see some boobies, who gets blamed? Is it the OS provider, the hardware provider, or the parents? Did the parents actually configure this themselves? If so, who taught them how to do that? Or did they buy the machine pre-configured? So does the vendor take responsibility?

      1 reply →