# Surf Control - any tricks to bypass these



## gianni (20 Oct 2006)

I work for a large company who, like many large company's, have surf control restrictions for certain websites.

I'm not very IT savvy but was wondering are there any ways to get around these controls ? I'm guessing it depends on how the restrictions are applied etc but I was just wondering if anyone had any generic hints.

I've just read through the post and my use of the term 'certain websites' makes me sound like a criminal or a mac wearing pervert !! I should clarify that the sites I am interested in viewing are jobs/career sites - and occasionally paddypower.com


----------



## jpd (20 Oct 2006)

Your company has an internet policy, I presume, and accessing "non-authorised" sites is up there amongst the list of things for which you could be disciplined or fired.

If you really have a business need to access a particular site, then I'm sure that if you make a case for it, the site will be added to the authorised sites.


----------



## Satan's Bed (23 Oct 2006)

www.the-cloak.com


----------



## ClubMan (23 Oct 2006)

Web anonymiser sites don't necessarily help you circumvent organisational firewalls and content blockers as far as I know.


----------



## bankrupt (23 Oct 2006)

jpd said:


> Your company has an internet policy, I presume, and accessing "non-authorised" sites is up there amongst the list of things for which you could be disciplined or fired.
> If you really have a business need to access a particular site, then I'm sure that if you make a case for it, the site will be added to the authorised sites.


 
You must work for the IT department in my company.  I find such pointless censorship completely counter-productive, I am constantly blocked from accessing industry blogs, discussion sites (including this one!) and other work related material.  Presumably this is because adults can no longer be trusted just to do their jobs and must instead be treated like infants.

Anyway, there is an excellent discussion of proxy avoidance (or should that be evasion ;-) here: http://www.boingboing.net/censorroute.html


----------



## podgerodge (24 Oct 2006)

bankrupt said:


> Anyway, there is an excellent discussion of proxy avoidance (or should that be evasion ;-) here: http://www.boingboing.net/censorroute.html



hehe just tried that site in my office but it was blocked by websense....arrggghhh!




jpd said:


> If you really have a business need to access a particular site, then I'm sure that if you make a case for it, the site will be added to the authorised sites.



No, Bankrupt, I think he works in my office's IT area!


----------



## ClubMan (24 Oct 2006)

Where a company has a clear acceptable use policy applicable to internet resources that blocks access to certain sites then the individual might want to access such sites on their own time and from their own systems or a cyber café. Otherwise there could be disciplinary implications for misuse of company resources.


----------



## gianni (24 Oct 2006)

In my case, if a site is restricted access then the category of the site is displayed in my browser and the reason that it is blocked is because it falls under this category. I presume, therefore, that my IT crowd are somehow creating a rule that says 'block any sites under Category x'. 

Is there someway to view a website but under a different category name ?

e.g. I want to view some jobs/careers websites. My company have a restriction on these category of sites. However if the site had a different categorisation I would be able to view the contents.  

Do the creators of these websites (particularly recruitment sites) not anticipate that some viewers will be restricted if the site is categorised correctly ? If so do they ever develop 'mirror' sites with identical content but a different categorisation ??

Apologies if my ramblings appear a little Karl Pilkington-esque...


----------



## gianni (24 Oct 2006)

> Where a company has a clear acceptable use policy applicable to internet resources that blocks access to certain sites then the individual might want to access such sites on their own time and from their own systems or a cyber café.


 
Point well made, Clubman.  


I have no intentions of attempting such surf control evasions. I am merely interested in the process. Kinda like those guys that sell fake ID's but claim that they are for novelty use only...  *ahem*


----------



## Capaill (24 Oct 2006)

gianni said:


> I presume, therefore, that my IT crowd are somehow creating a rule that says 'block any sites under Category x'.



the classifications of sites can happen in a number of ways; primarily the software being used to restrict internet access is updated automatically by the software manufacturer.  This is done by the manufacturer categorising the sites based on their own reviewing of sites or by submissions from customers.  So if I as a customer in Ireland request that www.independent.ie be classified as a newspaper site, the manufacturer will review the site and if they agree will place it in the appropriate category.  This then helps all customers of the software as they will get this added to their system during the next update.

Another way is for the company to update the categories themselves for their own use.  This is often a task given to someone to review the Internet access logs and review sites not classified in any categories.  The company can then add sites to the relevant categories if they feel they are in breach of the company's acceptable usage policy.

I think it is important to note that companies implement acceptable usage policies to protect themselves and their employees from potential issues when inappropriate sites or usage of the internet and email occurs.  If done properly acceptable usage policies are drawn up in consultation with HR, staff and senior management.  IT simply implement and manage the policy on behalf of the company.  

A good policy will also have in place the consequences of breaching the acceptable usage policy and also the consequences in attempting to bypass any controls in place to enforce the policy.  This can and in the past has led to staff being dismissed.

If you need to access the sites for genuine work reasons then simply request for them to be allowed, otherwise follow clubman's advise and if the sites you wish to access are in breach of the policy then perhaps your workplace is not he appropriate place to acess them. 

C


----------



## bankrupt (24 Oct 2006)

Capaill said:


> the classifications of sites can happen in a number of ways;


 
Check out this site for a critique of Websenses' censoring policies: http://www.peacefire.org/censorware/WebSENSE/

(Chances are that you won't be able to access this link if behind a Websense proxy.)



> I think it is important to note that companies implement acceptable usage policies to protect themselves and their employees from potential issues when inappropriate sites or usage of the internet and email occurs.


 
I think it is perhaps more important to note that this kind of molly-coddling should be completely unnecessary in a modern, mature, workplace. A sign of the times perhaps but nonetheless disappointing that anyone thinks this is a good idea. I don't feel "protected" in any way by this kind of filtering, do you?



> A good policy will also have in place the consequences of breaching the acceptable usage policy and also the consequences in attempting to bypass any controls in place to enforce the policy. This can and in the past has led to staff being dismissed.


 
A very good point, bypass these proxies at your own peril!

Distributed boingboing will allow you to view their "defeat censorware" link: [broken link removed]



> If you need to access the sites for genuine work reasons then simply request for them to be allowed, otherwise follow clubman's advise and if the sites you wish to access are in breach of the policy then perhaps your workplace is not he appropriate place to acess them.


 
Or as in my case, "simply" request for the work-related sites to be allowed, wait at least 3 days, escalate, wait another few days, pull some hair out, request again, wait some more etc. etc.


----------



## Capaill (24 Oct 2006)

bankrupt said:


> . I don't feel "protected" in any way by this kind of filtering, do you?



Actually yes.  A comprehensive policy and effective filtering systems ensures that I as an employee will not access material that can have me disciplined or even sacked.  It also means that my work environment is a better place free from harassment and bullying as a result of inappropriate content being accessed and circulated.

From a company's point of view it protects the company from
(a) Sexual harassment cases
(b) Bullying cases
(c) The introduction of computer viruses and other nasties onto the network
(d) Cases resulting from potential breaches in health and safety.
(e) The company being sued for breach of copyright for material downloaded by staff, e.g. MP3 files etc.
(f) Staff goofing off browsing non-work related sites.
(g) Having computer equipment seized in a Garda investigations into activites in breach of the Child Pornography and Trafficking Act.



bankrupt said:


> this kind of molly-coddling should be completely unnecessary in a modern, mature, workplace. A sign of the times perhaps



Agreed, but unfortunately we live in litigious times and as the Tayto add says, "theres always one"

C


----------



## bankrupt (24 Oct 2006)

Capaill said:


> Actually yes. [HR speak deleted]
> 
> From a company's point of view it protects the company from
> (a) Sexual harassment cases
> ...


 
I feel much safer all of a sudden, I just didn't realise that Websense was protecting me from so much internet evil. If only they made spectacles that would immediately black out when viewing anything inappropriate - they could call them "non-sense glasses."


----------



## ClubMan (24 Oct 2006)

bankrupt said:


> I think it is perhaps more important to note that this kind of molly-coddling should be completely unnecessary in a modern, mature, workplace.


People who don't like it can always find another job with more permissive internet usage policies.


----------



## bankrupt (24 Oct 2006)

ClubMan said:
			
		

> People who don't like it can always find another job with more permissive internet usage policies.


 
I didn't realise you worked in our IT department too ClubMan! 

Alternatively, people could choose to reject the principle of this petty meddling and, once in a position of sufficient influence, rescind it. Or not.

I hereby invoke Godwin's law to close the thread: "Websense =~ Nazis."


----------



## ClubMan (24 Oct 2006)

bankrupt said:


> I didn't realise you worked in our IT department too ClubMan!





> Alternatively, people could choose to reject the principle of this petty meddling and, once in a position of sufficient influence, rescind it. Or not.


It's an employer's prerogative to institute the sorts of systems and policies that they feel are needed for and best suited to their businesses. Nobody forces people to work for such employers. They do so of their own free will.


----------



## bankrupt (24 Oct 2006)

ClubMan said:
			
		

>


 
Sorry, forgot the smiley  .



> It's an employer's prerogative to institute the sorts of systems and policies that they feel are needed for and best suited to their businesses. Nobody forces people to work for such employers. They do so of their own free will.


 
Absolutely true, thanks for pointing that out. Clearly companies are free to control such access in any way they see fit. It's just a pity that these invidious, joyless, pointless restrictions are becoming more common-place. I assume such policies are common HR practice these days, will they become the rule rather than the exception?

You might say that it is a "rip-off."


----------



## Capaill (24 Oct 2006)

Bankrupt

Trust me most businesses do not want to invest the time, resources and money into implementing these systems.  The sad case is that for the reasons pointed out earlier in the thread companies are obliged to implement these policies to protect the company and staff.  The same way they have to invest time, money and resources into developing policies and systems in relation to health and safety, discrimation, bullying, etc. etc. 

Also IT don't introuduce these policies simply for the sake of it, they do so because they are mandated by the business to do so.   So it is company policy not IT policy that is the issue.  It does appear though that your IT department may not be the most responsive to requests which is definitely an IT Dept issue.

C


----------



## jmayo (26 Oct 2006)

Most companies have a computer usage policy to cover them in the event that an employee uses their property for illegal or offensive purposes.
If an employee is found downloading and/or disseminating offensive material they can always use the case that they were never told not to or if the company does not want this to happen why is it not blocked by IT.
  Cover your ass is the motto, both by the company and IT.

In the past bandwidth was also a major consideration.  
If everyone was downloading mp3, jpegs, mpegs etc, then the legitimate users were penalised.

I could state that in any organisation IT should be the only true users of the web, just like in the old days.


----------



## tt225 (27 Oct 2006)

And not forgetting that the stated purpose of most businesses is to give the owners some return on their capital, while ensuring a secure future for the employees.  

Surprisingly, studies have showed that one of the least efficient ways of achieving this aim is to provide a warm, comfortable office, and allowing those employees to spend their days in a utopian bliss, sending their mates IMs, downloading bittorrents, and bouncing emails back and forth with links to Myspace pages and hilarious Youtube clips.


----------



## slave1 (27 Oct 2006)

A lot of these negative points and pointing out company internet policies are a bit mute and contradictory, if you look at the amount of posts in this site at the core working hours life in Ireland its pretty obvious that sites like this would fall away without work folk viewing and posting.
Sorry OP can't help you out, pity about the off topic banter


----------

