Hacker News new | past | comments | ask | show | jobs | submit login

My question is more in the line of - wifi provided by school that blocks/filters content. But thanks for the other answers too!

(I'm concerned if a kid browses with iPad, some telephone, etc., and the concern is more on whoever provides the service that might be liable in some way).




They could block whole domains, which https doesn't change.

The only time it makes a difference is if you want to block part of a domain and not other parts. I can think of some use cases (block Google unsafe search, but not safesearch), but generally they just block the whole domain and have a separate domain for the "good" part. (See http://www.safesearchkids.com/, for example.)

And it's not like this isn't the same situation now. Whatever would be possible then would also be possible now, just by using https. This is just making http harder to use.


Schools do strange things all the time; they'll want to allow YouTube and block Google Drive and Dropbox (because, heaven forbid a student download an arbitrary .exe onto the school's Windows computers and run it, but for some reason opening notepad to create a .bat file locally is perfectly OK).


If we're talking about school computers, they can put whatever self-signed certs they want on them.

Besides, what you described is still domain specific. If you want to block only certain Youtube videos, that's where you'll have a problem.


Only domain/IP-level blocking would work for public/free WiFi-style connections. The filtering wouldn't be able to inspect the contents of the pages that are transferred without perform MITM decryption/encryption, and to do that you need a certificate installed on the user's device.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: