08-28-2012 06:00 PM
Any chance of blocking https sites in the future?
There are 2 search engines startpage + ixquick and of course google and some others can now use https. Startpage + ixquick both use ixquick and while there is a setting for porn, what's the point if all you have to do is click a button.
Other than logging that these web sites were gone to, there's no record of what was searched.
The best I can do is slow someone down. I've blocked these web sites as search terms in my DD-WRT flashed router, blocked port 443 in the firewall except for a couple of sites, and added them to the hosts file + proxy.pac file. All of which except the password protected router can be gotten around in a couple of minutes.
Also, I'm running the Norton supplied free by Comcast. Any chance of password protecting the Security Suite like Safety Minder?
08-28-2012 07:02 PM - edited 08-28-2012 07:03 PM
You mentioned you have Norton security product from Comcast. Have you setup your Norton Online Family account and got Norton Safety Minder installed on the machine?
08-29-2012 10:44 AM
Yes, but if you enter https://www.startpage.com or https://www.ixquick.com the https will bypass Norton. I ended up blocking port 443 in the firewall and only opening up 2 https web sites that I need for work and paying billings.
I'm not blaming Norton, https is just what it is, a security port to keep prying eyes out.
These search engines let you search anything you want. They will also let you see web sites that are normally http web sites by repackaging the web site into a https web site on the fly. All you see for history is that startpage and ixquick pages were viewed, not what was on those pages.
At the very least these web sites and https://www.google.com (which is pretty new) should somehow be handled as web sites that can be used to circumvent security software like Norton Safety Minder.
My setup is good for the time being, but with a bit of knowledge can be circumvented in a couple of minutes.
Copy and past one of the https: links above and see what Norton can stop. It won't be that much. It also isn't Nortons fault because of the nature of https.
If it was me, I'd password protect the firewall, and add a easy to understand setup for blocking all HTTPS web sites with the capability to white list some https web sites.
Something like, "Recently, many search engines have created secure search engines where the searches cannot be monitored. Would you like to block those kinds of search engines? Yes or No" Then fill a list of them with the option of the user checking or unchecking them.
Also do the same for https as a whole and explain that the user might want to enter any web sites where money transactions happen, because if they don't, the web site won't come up.
08-29-2012 06:38 PM - edited 08-29-2012 06:39 PM
Thanks for the update. What browser do you use? I test it on Internet Explorer 8 and the websites are blocked with https://
Please try that to see if it helps.
I will report this to the team.
08-29-2012 10:51 PM
I have a similar problem. HTTPS prevents safesearch from sticking to strict.
On both IE 9 and latest Chrome.
Opening www.google.ca (or any google domain) google redirects to the https version.
While on https, Safety Minder is unable to keep the google SafeSearch feature on "strict" as it normally would.
Is there some way to get this working again... Or is there a way to stop Google from redirecting automatically to https?
08-29-2012 10:56 PM
I researched this a little more and discovered that google started doing this only for people logged in to their google account.
Sure enough, if I log out of google, the https redirect stops and Safety Minder correctly enforces the Safesearch feature again.
So, this looks like something that needs to be looked at.
There's an article descibing it. Originally, you could disable the redirect but not any more.
09-18-2012 02:39 PM
Hi, I am having this same issue in all browsers, Https remains unblocked and is on a browser not signed into google or any other provider account. This is my childs computer and it is creating potential of unblocked sites for downloading, mail, search unrestricted, etc. I was previously using K9 and changed because of more features through norton, but i may need to go back.