Netgear and OpenDNS to block porn from the cloud
There are lots of Internet filtering products on the market that enable parents to block certain types of websites such as pornography, hate sites, or sites that promote alcohol or drug use. Most of these products run on PCs or Macs by sitting between the operating system and the browser and checking any requested sites to make sure they're not blocked. The products generally do a good job blocking requests from protected PCs, but most don't work with game consoles, Wi-Fi-equipped iPhones or iPod Touches, or any other device that isn't running the software.
Netgear is about to ship routers designed to simplify the process by allowing parents to block content on any device using the home's wired or wireless network.
Netgear routers to offer in-cloud filtering
(Credit: Netgear)The new routers, which will be available in early September, will be equipped with firmware that configures them to use OpenDNS' domain name server to look up the actual IP address of any site someone tries to visit. If that site isn't on the blocked list, it will be displayed. But if a parent has blocked that site, the user will instead be sent to a page that informs them that the site they tried to access is blocked.
Some existing Netgear routers can be upgraded with the new OpenDNS-compatible firmware starting August 10th.
Because the filtering takes place at the router level, it works with any device in the household that uses that router including Web-enabled game consoles and Wi-Fi mobile devices. It won't, however, work with devices that don't use the home network such as an iPhone set up to use the 3G cellular network.
Like other filtering products, parents have control over the type of content blocked and have the ability to turn it off so that it doesn't prevent mom or dad from visiting any sites. There is also a "white list" feature that allows parents to exclude any site from the blocked list. Because the blocking lists are "in the cloud," parents can configure the filter from anywhere.
Before employing any parental control system, I urge parents to think about how they will or won't fit in with your family. Consider the age of the child, the child's Web surfing habits, the types of risk your child takes, and what you plan to say to your children about the filtering product. Parents should tell their kids that they're using filters and explain why they think they're necessary. Also, parents should never rely on filters as the only way to protect children--parental involvement is still important. If you decide to use a filter, consider weaning kids from them as they enter their teenage years. Eventually, your kids will be on their own and part of a parent's job is to help a child make their own good decisions. You can't rely on filters forever.
For details about the service, I spoke with OpenDNS founder & CTO David Ulevitch.
Listen now: Download today's podcast
Larry Magid is a technology journalist and an Internet safety advocate. He's been writing and speaking about Internet safety since he wrote Internet safety guide "Child Safety on the Information Highway" in 1994. He is co-director of ConnectSafely.org, founder of SafeKids.com and SafeTeens.com, and a board member of the National Center for Missing & Exploited Children. Larry's technology analysis and commentary can be heard on CBS News and CBS affiliates, and read on CBSNews.com. He also writes a personal-tech column for the San Jose Mercury News. You can e-mail Larry or follow him on Twitter @larrymagid. 





That said, this is not such a bad idea, being able to manage blacklists online. I'm using a script on my Tomato-powered Buffalo router that features DNS cache poisoning; it updates the host list every eight hours. I don't have anything to say in what gets added to the blacklist and managing the whitelist on the router isn't terribly intuitive. It's good to see that some router manufacturers are providing better tools/services for this stuff these days.
Which is why corporate IT guys keep networking hardware in locked rooms and closets. Computer security begins with physical security.
Seriously, it's not like it's some stranger hacking you. If the kid resets the router, you can take their computer away as punishment, and set it back up.
Most of what this article refers to is putting the security in the hands of parents. Parents who are buying a router with this "feature" (and geez, it's not that big a feature - my Linksys router that I bought 2 years ago had the capability for parental control, but I had to read up on it on Linksys' website) ARE buying it because they either 1) don't trust their kids, or 2) don't want to act as a parent and prevent their kids access to the internet. They want an easy way out, and are content to live in their little world.
I went to OpenDNS's website recently. Within 2 min, I had changed my DNS server on my computer, provided by their support pages. I didn't need to log in with a username/password to do so, and that DNS server is allowing me to bypass the DNS server that my router is running. If I can do it in 2 min. by reading documentation, what's to stop a 15 year old kid from doing the exact same thing to get around what OpenDNS is trying to do? All they'd have to do is find a different free DNS service (or contact their ISP for a list of DNS servers) to bypass OpenDNS' filtering system.
Big security holes in the system, just as others have pointed out.
2. OpenDNS is great.
3. Hosts files are free and work from known lists publicly available.
4. Netgear routers already have filtering options.
5. Linksys routers flashed with Tomato do even better.
6. Computer dorks like us are not the mass purchasing public.
- by kwstiegert August 15, 2009 8:38 AM PDT
- I purchased this router and have begun the process of setting up security.
- Like this Reply to this comment
-
-
- by jwuhavnfun August 20, 2009 1:45 PM PDT
- it doesn't look like you're using the latest but instead are using what was built into the router, using keywords to create a block list, etc... That's not new nor unique only to netgear
- Like this
-
(31 Comments)-all settings are on the web and password protected.
-you can give every computer on the network an ip address and then restrict a range of them so that kids are not logged on at certain times of day. We sleep better knowing kids cannot log on period after our curfew.
-the blocking is poor. You have to enter words and domain names line by line. After putting in words and web page names, I tested it. Those words and pages are blocked-that was easy. But then in 60 seconds, I was around the security and into the nasty world of porn. Furthermore, porn sites are using domain names with non-porn words. For example, dancingbears.com is a porn site.
We need one of two things.
-Netgear needs a purchasable service that blocks only obvious porn sites with three or four levels of security.
-or-
the government should require all porn sites to have a domain identifier so that a product like netgear can simply put in the one identifier in its keyword list.
i bought the product and was directed to www.netgear.com/lpc during the installation. download a few programs, one of them is the fw which i need to upgrade. i was then up and running in 5 minutes. interface is clean and easy to use, the best thing of all is that now i can remotely log into my security settings while i am away from home.