1.1.1.1 for Families (cloudflare.com)
414 points by jgrahamc on April 1, 2020 | 294 comments


This would have been better if it was a joke. Big welcome to our new moral police, now encoded in two bits of a vanity IP address! Not a word spared for what kind of content is filtered, how they evaluate websites, any kind of appeals process... they did manage to portray it as helping the COVID-19 pandemic relief, though.

Edit: I missed this text:

> In the coming months, we will provide the ability to define additional configuration settings for 1.1.1.1 for Families. This will include options to create specific whitelists and blacklists of certain sites. You will be able to set the times of the day when categories, such as social media, are blocked and get reports on your household's Internet usage.

Regardless, I am still opposed to this service, and opposed to all forms of internet censorship and spyware. Cloudflare is already really bad for the internet, and this isn't helping their case.


>Regardless, I am still opposed to this service, and opposed to all forms of internet censorship

I'm genuinely confused as to where your complaint is coming from. Isn't this Cloudflare DNS server "opt in" for families? Why would voluntary filters be censorship? Censorship is more "top down" (e.g. government) that you can't opt out of.

Likewise, I just "opted into" NextDNS a few days ago to block ads so I didn't have to set up a Raspberry Pi-hole. Is NextDNS "censoring" ads? Well yes, because that's what I want.


"Likewise, I just "opted into" NextDNS a few days ago to block ads so I didn't have to set up a Raspberry Pi-hole."

This is a fantastic idea - I can't believe I never thought of this ...

I'm sorry to hijack, but about the NextDNS product ... how do they determine who is a paying customer ? Do you have to log your IP-space with them ?

I also have no idea, in the context of modern web browsing, how large or small 300,000 DNS queries per month is[1]. It seems quite large to me - as if even my entire household would never possibly produce 300k DNS queries each month ... but perhaps I underestimate how many queries modern web pages produce ?

Can I run my own very simple local resolver and use NextDNS as my upstream such that only one of my systems (my DNS server) is talking to NextDNS ? This would allow me to use NextDNS globally without them tracking me all over the world ...

[1] https://nextdns.io/pricing


>I also have no idea, in the context of modern web browsing, how large or small 300,000 DNS queries per month is[1]. It seems quite large to me - as if even my entire household would never possibly produce 300k DNS queries each month ... but perhaps I underestimate how many queries modern web pages produce ?

I just looked at my NextDNS stats dashboard for the previous 6 hours and it says 5900 queries. I was surprised by that high number. The intuition is to count in terms of manual clicks on urls but the part I underestimated is how "chatty" many web pages are with JavaScript (e.g. analytics, ads, etc). In my case, I see about 1000 hits in 6 hours to just 2 urls: msh.amazon.com, content.googleapis.com.

Based on being awake 16 hours a day over 30 days, I extrapolate ~540,000 queries per month. This is for 2 people with no kids at home at the moment.

If my modest internet usage is ~540k queries per month, I'm guessing NextDNS definitely did the spreadsheet modeling to come up with 300k threshold so most people easily pass it after mid-month and are therefore enticed to pay for the service to continue the ad blocking. When I get to that point, I'll re-evaluate the idea of setting up a Raspberry Pi-Hole. I really don't want to mess with hardware.

Maybe if I'm more aggressive with a local "hosts" file to locally block more sites to 127.0.0.1, I can drastically cut down the number of DNS queries hitting NextDNS.


You don't need a raspberry pi to run pihole...

I have it running in a vm on a machine that is on 24/7 anyways.

I installed dietpi as the OS and selected pihole in its install options. 10 min later it's up and running. No issues!


Pi-Hole is very easy and very polished. It ends up blocking almost 30% of all my dns requests.


FWIW, I recently set up pi-hole on a pi zero, and it was really pretty straightforward, even setting it up headless


I tried this route as well first, since I had a Pi 3B lying around not being used. However, after having the Pi-Hole FTL service crashing multiple times a week and completely stopping the whole network from getting Internet access I ditched it. This was using the latest Pi-Hole version on latest Raspbian. Some searching the Internet turned up some results about memory usage and such but the logs never showed anything actionable and I gave up on troubleshooting it and just went for NextDNS instead.


> I also have no idea, in the context of modern web browsing, how large or small 300,000 DNS queries per month is.

FWIW, here at home, my DNS servers are reporting a combined total of ~138k (from 21 unique clients) over the last (rolling) 24 hour period.

(Of course, mine probably isn't indicative of a "typical" American household when it comes to browsing habits and such.)


I'm the only one using my NextDNS configuration, and run about 100,000 queries a day. Granted, I have IPv4 and IPv6 set up, so each request is duplicated for both. If I only used IPv4, it would be closer to 50,000 each day.

They determine which configuration to use for you by the endpoint you've configured, whether it's the app or using their specific endpoint.


A "family" is not a single entity. It's not voluntary for those who are being blocked.


It is not voluntary for my children to leave their phones downstairs and go to bed at a bedtime I picked myself, but I think that's OK.

It is entirely commonplace for a family to impose restrictions on its children — anything less is neglect.


[flagged]


I think the argument is that it's possible for a kid browsing to, in a succession of clicks, go from (for example) a surfing website to something they really shouldn't be looking at. These clicks may be naive curiosity on the part of the kid, rather than intentional seeking.

Some of this porny drift would be encouraged by affiliate links and ads. Our society is broken in many ways - who could disagree? - and this tendency is one of them.

One of my burdens as a parent is to provide a counter to this porny drift, and to the other broken aspects of our society for that matter.


Lest anyone think this is pure hypothetical, this happened to me. When I was 6 or 7 years old, my parents let me have an account on the family computer. I couldn't do anything particularly destructive, and didn't spend an overt amount of time on it. Mostly, I would press random keyboard keys into the browser's URL bar.

One day, I ended up at a website that said 'must be 18 or over to access'.

(I suspect it was a credit card scam, not porn, but the point still stands.)

Next time I logged into that computer, I found myself unable to start the web browser.


One of the teachers in my wife's school was having the students research the government and asked them to find the address of the President of the United States. Well, most of them typed in "whitehouse.com", which at the time was a porn site. The teacher had to rush around the room turning off the monitors and dealing with the chaos. The site they should have visited was "whitehouse.gov" but they didn't know that. Something like 1.1.1.1 for Families would have prevented this from happening.

I work closely with the school and am keenly aware of the dangers of censorship. We do NOT want to block access to some things that sound like they could be "bad" (i.e. Essex England, breast cancer, etc.) However, that doesn't mean it's a free-for-all where you can go anywhere and see anything. The Internet is a really, really big place for a 1st grader.


The second half of your comment is true, and I don't think anyone has claimed otherwise so the strength of your assertion is unnecessary.

On the first half, children need boundaries set for them. And unless you are yourself a child rebelling against parental rules, you will find yourself on the barely populated side of the argument.


I fundamentally disagree with you on the philosophy of parenting. You're not setting boundaries, you're incentivizing them to break rules and teaching your children not to trust you. Children are people, not property, and they ought to be treated as such.


I don't know how you got the idea of property or lack of trust here: my family know exactly what has been done and how to bypass it — I have taught my children to break unjust rules, but obey just ones based on their moral judgement. The DNS filtering is for their protection, not their control.

ps. you REALLY ought to make your children wear their seat-belts in the back of the car, freedom be damned. ;)


"based on their moral judgement" this sounds like a subjective standard of morality based purely on personal judgement/feelings/what feels right to me. So what happens when the child opts to do something they feel is moral based on their subjective standard even when others have termed it immoral? How do you reconcile that?


"based on their moral judgement" could be interpreted as, and I suspect was meant as or roughly as, "based on what they believe is moral". That doesn't imply relativism. (I feel a bit wary about the word "subjective" because I feel like it is used in a number of different ways, and I don't want to get those different meanings mixed up. This is why I said "relativism" rather than "subjective".)

I've never been in a position of much authority over a child, so I can't speak from experience on the side of the parent, but from my experience as a former child, my expectation is that often if a child (in the sense of age, not just "offspring regardless of age") disagrees with a moral claim and instruction made by a parent (especially one endorsed by much of society), that talking about it can go fairly well, as far as the parent's goals/beliefs are concerned. The parent is more experienced in life, and often better able to compose arguments, and that combined with even a small amount of claim of authority, can I think go a long way.

Of course, there are three main types of disagreements of this kind that I can see: 1) The child believes that an action is permissible (or simply safe), and the parent believes (perhaps knows) that it is not. In this case, it seems reasonable that the child be more willing to default to the parent's perspective, because if the child is right, less is lost if they comply than is lost if the parent is right and the child does not comply. 2) The parent believes that something is morally obligatory, but the child does not believe this. Again, for the same reason, it seems like it would make sense for the child to be more likely to default to what the parent instructs. 3) The parent makes an instruction for sake of convenience which they believe is permissible, but the child believes to be impermissible. In this case it seems more reasonable for the child to resist the instruction more thoroughly. If sufficiently strongly convinced (i.e. if they have a strong enough degree of belief that they are correct) it may be appropriate for the child to refuse, even under risk of punishment, or, in extreme cases, even flee and seek refuge with others.

I guess there is another case, which seem less relevant: 4) The child believes that something is obligatory, while the parent believes that it is not obligatory, and instructs the child to not do it. I don't think this situation happens enough to be all that relevant.

However, there is also the possibility of a combination of some of these cases. If the child believes that an action is morally forbidden, while the parent believes it is morally obligatory, then this is indeed a difficult situation. If they cannot reach an agreement, then the only thing left to determine what happens is power, but this is not what determines who is in the right. If the child is correct, then they are in the right to refuse as best they can, and if the parent makes them do the thing, the parent is in the wrong. If the parent is correct, then they may be in the right to make the child comply, provided that the means by which they do so are commensurate with the severity of the moral issue, and also not more forceful etc. than is necessary.

This all seems straightforward to me.

When someone has practical authority over you, it is generally appropriate, insofar as is compatible with acting morally, to act in accordance with their commands-in-the-area-in-which-they-have-authority, but if their commands contravene what is morally required of you, then one ought to do what one is morally required to do (tautologically), not the commands to the contrary.

If you are in authority over someone else, you not only have an obligation not to command them to do anything immoral, but if there is something which they believe to be immoral, but which you do not believe to be immoral, and it isn't critical that they do it, out of respect for the possibility that you may be wrong, and also out of respect for their goodness (If something is morally permissible and not morally obligatory, but one incorrectly believes that it is impermissible, as long as one believes that it is impermissible, one should not do it. If you tell someone to do something not-morally-obligatory-nor-supererogatory which they think wrong, and they do it, then you have caused them to behave poorly, which is something you should not do.) it is generally better not to ask that they do it.


What are you protecting your children from with DNS filtering? As in, what is so incredibly damaging to children that you must bar their access to it?


Perhaps they're referring to pornography, and more extreme pornography on the peripheries that can be pretty easy to find even with a Google image search. I don't have citations at hand right now, but pornography has been shown to have particularly worrying effects on children. It's very reasonable to not want your children to be exposed to porn, just as it is to not want them drinking alcohol.


It hasn't. You don't have these citations to hand because (actual, peer reviewed, factual) evidence does not exist.


"Additionally, there is meta-analytic evidence to indicate that viewing more pornography and viewing extreme pornography is associated with the sexual objectification of women and more aggressive attitudes (Hald et al., 2010)[0]. Some longitudinal findings link sexual aggression and use of violent pornography, for example, one study of 10-15 year olds in the US found that those who intentionally viewed violent X-rated materials were nearly six times more likely than others to report sexually aggressive behaviour (Ybarra et al. 2011)[1]."[2]

[0] Hald, G.M., Malamuth, N.M., & Yuen, C. (2010). Pornography and attitudes supporting violence against women: Revisiting the relationship in non-experimental studies. Aggressive Behavior, 36, 14-20. doi: 10.1002/ab.20328

[1] Ybarra, M.L., Mitchell, K.J., Hamburger, M., Diener-West, M. & Leaf, P.J. (2011). X-rated material and perpetration of sexually aggressive behavior among children and adolescents: Is there a link? Aggressive Behavior, 37, 1–18.

[2] Victoria et al. (2016). Identifying the routes by which children view pornography online: implications for future policy-makers seeking to limit viewing report of expert panel for DCMS. Technical Report. Department of Culture, Media and Sport.


>one study of 10-15 year olds in the US found that those who intentionally viewed violent X-rated materials were nearly six times more likely than others to report sexually aggressive behaviour

Isn't that a biased selection? It's a bit like finding that swimmers are more likely to drown or vice versa.

The way that first citation is worded makes me question the validity of the source. Looking into it further it seems like the researchers went in there with the answer and looked for supporting evidence for it:

>A meta‐analysis was conducted to determine whether nonexperimental studies revealed an association between men's pornography consumption and their attitudes supporting violence against women.

Keep in mind that these are fields that are very close to a lot of bs science. If you look up the first author on the study the first keyword that appears is "gender studies". All of this kind of stuff has to be looked at with extreme skepticism, especially when it's a politically charged topic.


>Isn't that a biased selection? It's a bit like finding that swimmers are more likely to drown or vice versa.

How is it a biased selection? Study 10-15 year olds, and ask about their porn use. Those who say they intentionally view violent materials are more likely to report aggressive behavior. True, this doesn't mean porn causes sexually aggressive behavior - but that's not the claim being made anyway.

>If you look up the first author on the study the first keyword that appears is "gender studies". All of this kind of stuff has to be looked at with extreme skepticism, especially when it's a politically charged topic.

I agree, and the field does have other problems too (in particular, the variation in how "pornography" is defined between studies) - but to call it BS science needs more than just an accusation. Homeopathy is BS, but that doesn't make the scientists criticizing it BS scientists, nor does it discount their research because the topic is politically charged. Malamuth, for instance, is a highly respected sociologist/psychologist. Either way, there's plenty of stuff out there for this, both "for" and "against". Open Google Scholar and do a search for "pornography and violence" or "pornography and attitudes on women", and select whatever date you want (after 2010, or after 2015, etc.)

It's important to remember that science does not prescribe "oughts", it just makes it harder for people who hold certain "oughts" to hold their views consistently.


>I don't know how you got the idea of property or lack of trust here: my family know exactly what has been done and how to bypass it — I have taught my children to break unjust rules, but obey just ones based on their moral judgement. The DNS filtering is for their protection, not their control.

If your children know how to break the filters, and they wouldn't get in trouble for doing so, then I retract my statements.

>ps. you REALLY ought to make your children wear their seat-belts in the back of the car, freedom be damned. ;)

This is not a fair comparison, you are legally obliged to wear a seatbelt in the car. I would not drive my adult friends around if they refused to wear their seatbelt.


Drawing the line for the behavior of what I require my children to do at "is this legal or not?" is patently a bad idea, not to mention morally confused.

As children get older, you of course give them more autonomy, but so long as they are your dependents, you have both an obligation and a right to set reasonable boundaries on their behavior.

I certainly explain the rationale, and when possible try to persuade rather than force behavior where possible, and also let them make bad choices so they can learn from the experience, but they don't always possess the rational capacity to think about the long-term consequences or the ability to deal with those consequences when they occur.

I require my children to brush their teeth, because a failure to do so would result in both poor health consequences for them, and a great deal of expense for me.

As for restricting access to lurid content when my children are given internet access? Absolutely. I say this as someone who had unfiltered internet access as a teenager. They do whatever they want once they get their own internet access.


>As for restricting access to lurid content when my children are given internet access? Absolutely. I say this as someone who had unfiltered internet access as a teenager. They do whatever they want once they get their own internet access.

I think that's the parent poster's point. You had this kind of access. Do you think you're worse off now because you had this access as a teenager?


I gained a lot of benefit from the internet, but not from access to lurid content.


I am worse off due to the access which I had.


For a better comparison, do you not force your children to take not legally mandatory vaccines, and leave it to their judgement?


Perhaps it hasn't been necessary to force them because he is capable of explaining _why_ they're important, i.e. he is capable of engaging in a dialogue with his children.

Also, what kind of weird country do you live in where there even is such a thing as legally mandatory vaccines?


> Perhaps it hasn't been necessary to force them because he is capable of explaining _why_ they're important, i.e. he is capable of engaging in a dialogue with his children.

As someone who actually does mainly employ this technique because it is generally more effective (especially with very spirited children), this is a delusional statement.

For one thing, children don't always respond in good faith, and some (especially those who are verbally gifted) will try to manipulate the process of dialogue.

It's also a bad idea to give them a false impression that something is up for negotiation when it is not.


> false impression that something is up for negotiation when it is not.

It is up for negotiating, though. If you don't treat them as a rational being _always_ then you never treat them as rational. You don't get to choose when their rationality applies. If you do choose then you're the one who gives "them a false impression that something is up for negotiation when it is not".


> If you do choose then you're the one who gives "them a false impression that something is up for negotiation when it is not".

I do not give false impressions because I tell my children when I am giving them an option or an explanation.

When they are young, you require certain behavior of them so that they can develop healthy habits. Things like "eat your vegetables", "wash your hands" or "don't take your younger sibling's toys out of their hands" are mandatory because it is important for children to develop habits of health, hygiene, and pro-social behavior.

I may use positive as well as negative reinforcement, but you cannot expect such behavior out of small children purely through negotiation.

When they are older, you grant them more autonomy but require behavior of them as a consequence of the fact that they are your dependents. As a parent, I am both the owner of the house they live in and their legal guardian. That means that I have latitude to set restrictions on their behavior so long as they are a) residents in my house, and b) my legal wards.

When they are old enough, they are perfectly within their rights to seek emancipation. The goal, of course, is to set bounds that are both sufficiently liberal and sufficiently reasonable that the (older) child will have no desire to seek complete autonomy prior to the age of majority.


> I do not give false impressions

You are. By choosing when they get to choose, you're creating a cultural hegemony that they aren't conscious participants in.

Your goal as a parent shouldn't be to socialize them into the norms, values, and beliefs of the dominant social group. The only thing you gain by this is replicating society.

> you cannot expect such behavior out of small children purely through negotiation.

You misunderstand, I do not argue for negotiation because you shouldn't negotiate. You carry no stake in your child's future, in this sense they're only themselves. If they are only themselves, then there is nothing for you to negotiate about.

> and their legal guardian

Please understand that I do not care about the actuality of your legal status. My concern isn't in what is but in what ought. I am purely interested in your[0] limitation of their potentiality for "pure reason", as Kant would put it.

[0] I use and have used the word "your" rather carelessly. I don't mean you because I don't know you.


> You are. By choosing when they get to choose, you're creating a cultural hegemony that they aren't conscious participants in.

I'm sorry, but I don't understand what you're saying here.

> Your goal as a parent shouldn't be to socialize them into the norms, values, and beliefs of the dominant social group. The only thing you gain by this is replicating society.

What do you think should be my goal?

For my part, my goal is to socialize them into the norms, values, and beliefs that I hold. In part I do this for their benefit (so that they can be autonomous adults) and partly to shape future society. But perhaps most of all I impart these values and beliefs because I value and believe them. No parent can help but to impart their values and beliefs. The only question is whether you do so consciously or not.

> You misunderstand, I do not argue for negotiation because you shouldn't negotiate. You carry no stake in your child's future, in this sense they're only themselves. If they are only themselves, then there is nothing for you to negotiate about.

Again, my apologies, but I really don't get what you are trying to convey. What does this have to do with compelling young children to eat their vegetables or restricting a teenager's access to lurid content on the internet? Perhaps you have different examples in mind?

> Please understand that I do not care about the actuality of your legal status. My concern isn't in what is but in what ought. I am purely interested in your[0] limitation of their potentiality for "pure reason", as Kant would put it.

I have a moral obligation to help mold the plastic elements of my child's psyche (much of which is admittedly not malleable) to serve their best interests and the interests of the society into which they will enter.

> I use and have used the word "your" rather carelessly. I don't mean you because I don't know you.

Of course, no offense taken.


> Also, what kind of weird country do you live in where there even is such a thing as legally mandatory vaccines?

Sounds like one of those with highest quality of life, Gini and longest life expectancy countries. Yuck!


Yea, countries like those in Scandinavia, where they have such a low quality of life...


Several vaccines are most effective when administered to infants. I'm not explaining to infants the benefits of herd immunity, I'm doing what's good for them as their parent.


No one is claiming that you have to make your infant understand. This isn't even a reasonable misunderstanding, the problem lies entirely with you.


Are infants property? That seems to be the level of reasoning on display here.

There is clearly a continuum between infants and adult roommates, but as the person who pays the internet bill, I decide what the default DNS server is. Those old enough to be bothered by that are welcome to choose a non-default DNS server.

To argue that this is somehow immoral because children shouldn't have their default DNS provider dictated to them is asinine, an argument most likely to resonate with teenagers without kids of their own.


After what point in time does the offspring have to agree to getting the vaccine? How can one tell?


> Children are people, not property, and they ought to be treated as such.

Children certainly aren't property, and they certainly are people. Immature, 'work in progress' people.

Our autistic son is a person, and not property. At the age of 17 years, he also has a reasonable command of language.

The only reason he can talk today is because we spent years using various techniques to strongly encourage him to learn language. Most of these were positive reinforcement: do this thing and you'll get something you want. Some were negative reinforcement: if you do this other thing, then you lose something you want.

This was an enormous and draining work. At the age of six, he was evaluated by a world class group of autism experts in the SF bay area, and we were told, point blank, that he would never speak.

It's true that this is a special case, but it's meant to clearly illustrate the underlying truth: to have positive outcomes, most children require variable amounts of coercion.

More to the point: I agree that it's relatively easy for most people and many children to work around DNS based censorship. I think it can be useful in some cases, but not as many as its proponents believe.

It's still a useful tool.


>It's true that this is a special case, but it's meant to clearly illustrate the underlying truth: to have positive outcomes, most children require variable amounts of coercion.

Because it's a special case it doesn't actually illustrate this "underlying truth". I think this kind of coercion tries to normalize kids, to make them more like parents think all the other kids are like. However, it's quite common that parents, for some reason, don't seem to understand (remember) what kids are actually like. Coercing a child can backfire disastrously. It can make them dependent on you and thus unable to deal with life later on. It can make them reject you and rebel against you and the values you try to teach them. What I'm trying to say is that this isn't predictable. There is no straightforward "children need coercion" type thing. If my parents had tried to be as controlling as many people in this thread seem to be, then I would probably never have spoken to them as an adult.


It's also easy for my children to find poison and sharp objects out there in the world, but because of that it doesn't mean I should leave those things lying around the house unsecured.

Are you a parent? It's a bit easier to understand if you are.


You should teach them not to pick those things up and tell you if they find them.

When they encounter a needle in public they have been trained.

Parenting and censoring are two different things.


You can't impale yourself on information.


It can be harmful when you're not yet developed enough to evaluate that information (and the motives of the people peddling it) properly. There are plenty of online communities that e.g. normalize and encourage eating disorders or suicide, for example. It's our duty to educate our children well enough that they'll eventually be able to make smart decisions themselves - but that takes time and guidance.


Encouraging them to come to you when they see something suspicious or that's instructing them to do something is the solution to this problem, it doesn't seem likely that arbitrary censorship is the right solution.

You'll get far more damaging views from viewing Facebook, a book written by an economist or the front page of a news outlet than anything blocked by one of these filters.

Blocking 'icky' content is easier (notably, it isn't impossible) than blocking bad ideas.

The trick is to talk about what they read online, it's not to stop them from reading it at all.


>You'll get far more damaging views from viewing Facebook, a book written by an economist or the front page of a news outlet than anything blocked by one of these filters.

See now you're just trolling. You think economics books, and newspapers are more damaging than sites encouraging self harm...


This filter does not block sites encouraging self-harm. This filter blocks adult sites. My claim was that the filter only blocks things that are less harmful than what I listed. I don't think that's untrue, and stand by what I said.

It is literally impossible to block all sites containing an idea via DNS filtering. It's substantially more plausible to block 'icky' sites. It's noted elsewhere in this thread that the filter doesn't block Facebook (which has many communities encouraging self-harm) nor reddit (which has countless communities that do so).

The harms that the above poster cites (pro-ana & pro-suicide sites) are not and cannot be censored via use of a DNS filter.


So you're saying since the solution isn't perfect, we should do away with it?


The anti-solution isn't even attempting to be a solution. It's not that it isn't perfect. It's that it's not even resembling anything close to a solution: it's actively harmful to the goals that are apparently trying to be achieved.


I'll strengthen the second point of my post:

Rule one of parenting is that you don't get to tell other parents how to do their job. I'll raise my kids the way I see fit - and that includes exposing them to certain things and choosing to not expose them to other things.

Religion or atheism? Personal safety or fuck it, we'll buy more bandages. Vegan or meat eating? There are a myriad of decisions you make day to day but, above all, you as a random internet commenter don't get to make that decision. I do.


Every time I see someone making absolutist statements about other people's parenting—even something as seemingly obvious as, "I'd never get my kid a candy bar at the grocery store if they were misbehaving"—I assume they don't have kids themselves.

One thing I've learned as a parent is that every kid is different, every situation is different, and there are always tons of undercurrents that aren't immediately visible. Are there shitty parents out there? Of course. But for every shitty parent there are ten parents just trying to get through the day and do the best for their children, often under extenuating circumstances that are difficult for many of us to fathom.


To a certain degree. Of course folks have their kids taken away all the time, for egregious neglect.


Or for letting them play outside without supervision.


Of course.


The problem is that enough people feel a certain way about parenting and this has been made law in western countries. Children aren't allowed to play outside unsupervised. In some places children aren't even allowed to go to school and come back on their own. This means that parents are already telling other parents how to raise their children.


Traumatizing experiences are real, and they're made out of information.


No, but you can seriously damage your mental health (among other problems with "information"), and that is a very real problem.



Surely you'd agree that's not the fault of the information as much as leaving small children in reach of poisonous objects without teaching them that they shouldn't consume them, wouldn't you? The article notes that it was already a problem before the meme started, and the amount of consumption caused by the internet meme (18 cases; no deaths noted out of those) is still minuscule.


Considering the demographic targeted by the meme was teenagers, I'd say it doesn't matter if you taught them or not. Disinformation campaigns on the internet are a thing.

Kids don't flawlessly execute every piece of good advice given and sometimes you really do need to stop little Johnny from jumping off a bridge just because his friend said so.


The demographic targeted by the meme was teenagers. This does not imply that teenagers were the majority of people who ended up consuming the pods.

Kids don't flawlessly execute every piece of good advice given, sure, but if you give them the proper foundation it's extremely unlikely that they would do something like this.

Partially related but by no means an argument against your main point: there's a fun xkcd comic that points out how absurd the bridge argument is.

Parent: No, you can't go.

Cueball: But all my friends—

Parent: If all your friends jumped off a bridge, would you jump too?

Cueball: Oh, jeez. Probably.

Parent: What!? Why!?

Cueball: Because all my friends did.

Cueball: Think about it — which scenario is more likely:

Cueball: Every single person I know, many of them levelheaded and afraid of heights, abruptly went crazy at exactly the same time...

Cueball: ...or the bridge is on fire?

Parent: ...I, uh...hmm.

Cueball: Imagine reading this on CNN: "Many fled their vehicles and jumped from the bridge. Those who stayed behind..."

Cueball: Is something good about to happen to those people?

Parent: Maybe they'll find cookies?

Cueball: OK, you stay. I'm jumping.


If your children are young enough that they need a specific time to go to bed, why did you give them phones in the first place? Surely they'd be too young for them?

It also seems very strange to deem not restricting information as neglect. Why not just have a conversation about them as to why they shouldn't do whatever you want them not to do? Advice doesn't breed distrust, but censorship and other regulations do.


I think you're looking at this as keeping porn from young adults who actively seek it but I don't think that's a major use-case. Anyone who thinks otherwise is a fool, teenagers will quickly be told to use a free VPN or something by their friends and get around your DNS filtering in minutes. Or hell, someone can just give them some on a USB stick or send them a ZIP file on whatever messaging app they use these days.

What's more important is protecting children (think <10) from coming across pornography accidentally while browsing the internet and looking at kid stuff. It's not only fairly well-accepted by society but in many jurisdictions, allowing children to see pornography is considered neglect.


I don't think kids today are as "hacky" as before, or rather, systems of today are just more polished and there's less reason to understand underlying details vs. abstractions.

For a DNS service that could become a kind of LetsEncrypt of DNS, its use case will be a little bit of everything. Cloudflare already has to make moral and social policing decisions, but then again, the bigger your company, the more morally interesting decisions it has to consider. This is especially the case when you're the kind of infrastructure company that serves the world.

Moral filters are going to be about the enforcement of moral norms. Are sites about condom usage, abortion, STD's, premarital sex, and homosexuality an adult topic? Are race relations an adult topic? Are shootings an adult topic? Is this going to be the kind of filter you lift at precisely the age of 12?

There's naturally going to be a lot of questions about how a filter is going to interact with situations, because it's going to be Cloudflare's vision of the web. In my view, DNS settings are often things other people set up for you and you don't really think about it.


> I don't think kids today are as "hacky" as before, or rather, systems of today are just more polished and there's less reason to understand underlying details vs. abstractions.

I think you're partially right but kids don't need to understand the underlying reasoning, they just need to be told what to do. When I was in school, everyone used PHP-based proxy sites to access restricted material on the school network. Nobody had a clue what a "proxy" was or how it worked, they just knew that's what they had to Google to get at whatever they wanted to get at.

Kids these days are the same. They don't need to know what "DNS" is or how a VPN works, they just need to know that a friend told them to look for a VPN app on the app store.

> Are sites about condom usage, abortion, STD's, premarital sex, and homosexuality an adult topic? Are race relations an adult topic?

The question isn't so much "are these adult topics" as "are these topics parents will want small children to encounter on the internet" and I'd say that's a definite "no".

That isn't to say small children shouldn't learn about them, they'll definitely need to be taught, however I don't think that many parents would be comfortable with their children being taught by whatever resources their child happens to stumble upon.

And to be clear, I'm not saying that homosexuality or interracial relations are morally any different to regular relationships, I'm saying that internet material isn't likely to be suitable for educating small children. It'll be very easy for them to stumble across material that's overly sexual in nature, racist or homophobic.

FWIW I come from a country where sex education is covered fairly well by both primary and secondary school curricula, which may colour my response here.

> Are shootings an adult topic?

That one's difficult and depends on the specific cultural norms you live under I think.

> Is this going to be the kind of filter you lift at precisely the age of 12?

That's a decision for the parents.


> Anyone who thinks otherwise is a fool

I think you need to speak to more parents.


My kid is 2.5 and especially now when we can't get her out of the house, we're relying on a tablet for some of her socializing (seeing friends and family on video chat). We often use this while we're cooking and cleaning. Amazon looooooves to push ads to her tablet and the kid friendly mode they offer is a nightmare to try and use. I filter content for her because as much as we'd like to, we can't always be watching.

She's 2.5. Lots of things in her life aren't voluntary. It's my responsibility and choice to keep her safe. You can let your kids watch all the lemon parties they want but I'll just keep that stuff blocked.


At 2.5 you probably shouldn't even be letting her roam the public internet on 1.1.1.3 - you need a whitelist, not a blacklist. And at the age where it becomes suitable for children to be on the public internet, it is no longer ethical to be filtering their content imo.


I take it you don't have kids. The stacks of ads in apps for kids is nuts and Amazon will gladly feed them to you. Walk away for 5m to feed let's and come back to your kid watching a trailer for some dumb movie. Take it away because you have to avert your gaze for a moment and your 5m chore becomes a 30m tantrum. It's only been made worse by social distancing and no opportunity to learn how to interact with other people.

Think of it like a child safety lock: you only need them until they can figure them out. By the time they know how they work, you can have a conversation with them about being safe around the house.

On the matter of ethics, while I don't feel inclined to filter the world away from older kids, I firmly believe you're wrong. There's nothing unethical about making choices for your kids until they're old enough to make informed choices. The amount of garbage online (revenge porn, sexual degradation of women, red pills) makes it easy for kids to find bad information at an age where they can't process it correctly. Parents determine what age that is because that's their role and it's entirely situational.


> The stacks of ads

Found your issue, go and use an adblocker (or dns-based adblock filtering)

> revenge porn

Indistinguishable from normal porn

> sexual degradation of women

Just because you are not into extreme bdsm it does not mean that it is garbage.

> red pills

Your 2.5 year olds won't be able to read it. If they somehow find a way then you simply have to explain to them why you think that it is wrong.

The only "bad information" are straight up lies.


[flagged]


No, this is not my issue. Please re-read my post.


What you say here makes sense to me at least - but haven't you been arguing against just about any form of parent-set boundaries/rules elsewhere in this thread?


Well, let's say we find a compromise. You're paying for the internet, so you're entitled to set rules as to how people use it. But, if your child wants to pony up to, for example, buy a mobile hotspot, it's up to them to set their own rules for how it's used.

If your 2.5 year old is mature enough to manage that, then yeah, maybe they ought to be able to have unfettered internet access, too.


So parents only get to set boundaries in relation to things they pay for? Got to be honest, I'm struggling to take your arguments seriously.


[flagged]


Filtering internet access for someone does not imply they are property; no legal system in the world (that I know of) recognizes or treats children as property. The idea that children should be permitted to do whatever they want so long as they can pay for it seems very backwards. We all know children aren't property, but we also know that parents have a responsibility to raise their children such that they are protected from things they may not understand yet.

To be honest, I was surprised to see you making comments like this, after seeing your programming skill, pretty reasonable takes about software, and discussions on Fedi.


If a 7 year old saves their money for a knife are they allowed to kill themself with it?


You talk about children as if they were property.

I don't think that kids watching explicit content is something they should be doing, but treating them like property rather than someone you can genuinely influence the views of in a positive way is incredibly destructive.

Why not install an ad-blocker on the tablet and be done with it? If she's 2.5 and for some reason going to explicit sites with intention, you should be fast-tracking her to private schooling, not installing filters on information.


You talk about children as if you don't have any.


> Why not install an ad-blocker

> not installing filters on information.

you're literally advocating opposing viewpoints in the same phrase


I see my job as a parent as including the following:

1. Protecting my child sufficiently that they will grow up to be a relatively non-traumatized adult.

2. Teaching them about life

3. Protecting others from my child

Obviously #1 and #3 are in tension with #2, as harm is part of life, and natural consequences are great teachers.

In public school where I live, the internet is required for at least some of their work starting around 2nd or 3rd grade. No reasonable filter is going to let me give them otherwise unfettered access to the internet at that age. I find having the computer in an area where I can see the screen is good. It's possible that 1.1.1.3 might be helpful in making it a bit harder for them to stumble onto something while my back is turned for 2 minutes cooking dinner or helping out a sibling.

Obviously there are limits to what I can do. I have one kid with PTSD that we closely monitored internet usage for at home, told the school she ought not be on any internet connected device in class, but still managed to cyberbully a classmate to the point where the victim withdrew from school by editing a shared google-document during classtime.

Another kid was shown some fairly extreme pornography in 2nd grade by an older student who had a cell-phone.


Families consist of more than one person. It's more accurate to say that this is opt in for the head of the family.

Which may start to show why this is such a bad idea.


Or, perhaps, it is opt in for the people whose names are on the internet bill and who own the router.


Who are potentially abusers using it to cause untold damage to gay kids.


How would gay kids be particularly harmed by this service?


Police? No, in this scenario, that’d be your parents. It’s configurable what it blocks (or it will be, and this product is just the MVP of that product):

> In the coming months, we will provide the ability to define additional configuration settings for 1.1.1.1 for Families. This will include options to create specific whitelists and blacklists of certain sites. You will be able to set the times of the day when categories, such as social media, are blocked and get reports on your household's Internet usage.

Also, re: “how they evaluate websites”—most websites explicitly opt into being considered “adult content” by these filters, either by submitting themselves to the filter, or by adding meta tags to their pages to declare either specific content warnings, or a category of some age-rating taxonomy (usually a country-specific one repurposed from that country’s film/TV rating system, but crawlers make do.) Unlike malware, “adult content” is not adversarial to the ecosystem it’s a part of.


Sorry, I missed this quote. I've edited my comment accordingly.


> Unlike malware, “adult content” is not adversarial to the ecosystem it’s a part of.

I have my browser crash at least once a month when viewing such content.


What browser are you using? Ever since firefox 3.6 or so I never had such an issue.


If they had added this to 1.1.1.1 itself, I'd agree this would be a huge overreach, but they're just adding some additional options for those who choose to manually set their resolvers to one of the new ones.

I personally wouldn't use any of the filtered ones, but lots of companies provide free resolvers with blocklists like these. I don't really see how anyone could be fine with the existing 1.1.1.1 resolver but have a problem with this announcement. (If they were also against the original 1.1.1.1 resolver, then I can at least understand their being opposed to all of them.)


Don’t use it. Problem solved. You’re being a moral policeman too.


Telling people not to be "moral policemen" and discriminate against gay people makes me a moral policeman, eh?


What does any part of this product have to do with discriminating against gay people? This is clearly aimed at parents trying to allow their young children safe access to the internet by blocking adult content. I'm not a fan of content blocking in general but you have to concede that parental controls are very normal in technology and exist for a reason. I find it absurd that some of the comments on this thread are implying that the act of blocking say a 2 year old from stumbling upon pornographic content is abuse.


> What does any part of this product have to do with discriminating against gay people?

It might not discriminate against gay people but it discriminates against child people (including people who have not moved out of their homes yet due to various reasons and are stuck in an ultra-conservative household)

> I find it absurd that some of the comments on this thread are implying that the act of blocking say a 2 year old from stumbling upon pornographic content is abuse.

I am pretty sure that they do not care about 2 year olds. More like they care about 13 or 16 year olds having censored internet access.


Just talking about it here is policing in your world? I thought police were about enforcement, not bilateral conversation with intellectual respect.

What are police in your metaphor? Someone who has any conversation on policy?

And what’s with the “I don’t want to hear you complain, just go away if you don’t like it” attitude?


I guess it depends on the type of police you interact with.

UK policing is built on community consent. Law enforcement is part of their duty, but so is having a discussion about what the community wants enforced and how.

It’s not unusual for UK police to kindly ask you to not do something and go home, and only escalate to handcuffs if you continue to ignore them.


Aren't you talking about the difference between nice and mean police? They are still there to enforce.

Since UK police can be so nice, is there a difference between UK police telling you to stop doing something, and a HN person doing the same online?


I would still disagree with that. Enforcement is part of their role, but not their entire role.

You can absolutely tell a police officer to piss off, and if you’re not doing anything illegal there’s nothing they can or will do.

Police officers don’t just get involved in crimes. They also have a huge role in discouraging asocial (but completely legal) behaviour. The idea that policing can only be done with enforcement and a stick is completely false.

With regards to your point regarding a HN person on the internet. They’re on the internet, not in front of me, that’s a much bigger factor than if they’re a police officer or not.


> With regards to your point regarding a HN person on the internet. They’re on the internet, not in front of me, that’s a much bigger factor than if they’re a police officer or not.

The web context is our context though.

And there is a question about what policing is without enforcement. The reason why police can scare people with mere conversation is because they're not sure about the law in any situation. I presume that an attitude of "I know the law" is a dangerous play anywhere in the world with the police.


Just because American police have become incredibly militarized and rely on violence and the threat of violence to get their way, doesn't mean it has to be that way.

It's also possible to get people to do things because they respect the authority of the officer. "If this cop says I am being an asshat and should stop, maybe I am being an asshat and should stop." This is what people mean when they talk about soft power.


> It's also possible to get people to do things because they respect the authority of the officer. "If this cop says I am being an asshat and should stop, maybe I am being an asshat and should stop." This is what people mean when they talk about soft power.

Blindly following what the authority says is a gateway behaviour to fascism.

Regardless, this does not seem like a soft power and it is going to happen in the police of any country. If you do not follow what they said you are going to be in trouble after all. And no matter the country they DO rely on the threat of violence, this is the whole point of the police, their words are backed with a legal (or illegal) threat of violence.

Compare it to some random citizen telling you not to talk loudly because their child is sleeping. They do not have a state-backed ability to cause violence, and if they did try to attack you, you could go to the authorities.


> I thought police were about enforcement, not bilateral conversation with intellectual respect.

If you want to get into semantics, consider that Congress or Parliament (or whatever) are supposed to be that bilateral conversation that formulates policies for police to enforce. So in that respect, you could say they too are "policing" like OP is here.

There is no "enforcement" component to what cloudflare is doing. You can either use it or don't.

Now, you might say children are oppressed when their parents enforce these restrictions on them, but I'd say back that my children live under an oppressive government (me). They don't have the requisite life experience to participate in a high-stakes decision making democracy yet.


> Don’t use it. Problem solved. You’re being a moral policeman too.

I was just talking about you, and what I see as "No, _you_ are the moral policeman." ddevault is going to morally police you? With HN comments? Like having a conversation with the UK police, or Congress making laws?


How is a service, that you are completely free to use or not, any kind of “police”? This could be useful solution for a household with children, or with several naive users on Windows machines: one central mechanism to keep malware away from them. If you don’t like it, how does it affect you?


If you see children as humans rather than as dogs or non-sentient creatures, they will be forced into this without consent by authority figures.


Wait till you find out that children are forced into many things without their consent, from attending school to being grounded in their rooms. It's like a mini-North Korea, right?


This comment was in response to a comment that asked how this was forcing people into things.

Regardless of how you see it, it's literally doing that.

Sure, it may not be the most grievous occurrence of it, but that doesn't change the fact that it is, in fact, policing.


>it's literally doing that.

Literally like North Korea. Right?

I'm going to guess you don't have kids. Correct?

>Sure, it may not be the most grievous occurrence of it, but that doesn't change the fact that it is, in fact, policing.

Only if you hate language and you purposely warp definition of commonly understood words and concepts to support your conclusion or ideology. Raising children by imparting morals, and providing structure and constraints is NOT authoritarian policing. Those are two different things.

And though children certainly are humans (who actually claims otherwise?), they are not endowed with the same societal rights and responsibilities that adults are. This is why you can ground a child, but not an adult. Most people understand this distinction instinctively. You, on the other hand, have some trouble there.


> Literally like North Korea. Right?

https://en.wikipedia.org/wiki/List_of_fallacies#Red_herring_...

    Fallacy of relative privation (also known as "appeal
    to worse problems" or "not as bad as") – dismissing an 
    argument or complaint due to what are perceived to be
    more important problems. First World problems are a 
    subset of this fallacy.[95][96]

> Only if you hate language and you purposely warp definition of commonly understood words and concepts to support your conclusion or ideology.

I'm fairly certain this is what you're attempting presently.

> Raising children by imparting morals, and providing structure and constraints is NOT authoritarian policing. Those are two different things.

I (and they) said policing. You can call it authoritarian or you can choose to refrain from that. It's still policing.

> And though children certainly are humans (who actually claims otherwise?), they are not endowed with the same societal rights and responsibilities that adults are.

Humans can dissent, and have certain natural rights. If you agree that children are humans, then coercing them into something without consent is policing. While you can say that you've got the right to partake in policing, there doesn't seem to be a case for the idea that it isn't policing.

> Most people understand this distinction instinctively. You, on the other hand, have some trouble there.

Plenty of people understand things instinctively. This is why stoning women to death still happens in certain parts of the world, and was also the argument for owning slaves. Just because something is "instinctive" for certain people doesn't mean that it's correct.

Changelog on this comment: removed a bit of personal information because I figure making myself easier to identify isn't worth it for a message board argument.


Agree - my initial reaction to this was "oh no", or to quote someone from IRC "millions of kids can now learn how to configure DNS".

FWIW, it seems like 1.1.1.3 doesn't block sites like Twitter where a lot of the kink community moved after Tumblr shut down.


If you think of this as putting Playboy and Penthouse on the top shelf of the magazine rack behind an opaque cover more so than locking them inside a drill-proof, pick-proof safe, maybe it makes more sense? (You know, back when they still had print editions.)

It just seems obvious that making porn slightly harder to get to than disney.com is a smart move if you're a parent. Make it so that a typo in a URL doesn't splash hardcore porn in one click.

And sure there are lots of ways to accomplish this. Cloudflare is just providing one more and I personally like that. Even as a techie, I really hate doing network stuff at home and will be taking a close look at this at least after the configuration options become available.

I currently use AdGuard's DNS offering that blocks many surveillance IPs plus adult content. Will have to compare offerings.

I totally understand the critique of this from the political war zone they're diving into, but not from a "it's not perfect so it's stupid" perspective.


> to quote someone from IRC "millions of kids can now learn how to configure DNS".

That's why you set up your router/pihole to do DNS hijacking. Any DNS request gets rerouted to the DNS server of your choosing.


There's an easy way to get around this too, Firefox has the option to do dns over https, encrypting your dns queries, and if you force encrypted SNI, there's no way your DNS queries are getting hijacked and the router cannot see what sites you are visiting. And no, this doesn't require someone to be technical, and a kid could do it easily. What's even more interesting is that schools and other public internet places can no longer block certain websites or content, and logs are no longer effective since even the website address is encrypted. You can stop ESNI by disabling https altogether, but obviously that wouldn't be a reasonable solution.

Source: my dad did this on the home router.


Then again the goal is to not completely lock down the system so that no one could ever abuse it. It's more like the lock on your front door; it can be worked around (ie. picked, broken, etc.) but you still install it.


I’m amazed how well twitter works to prevent leaking adult content into main feed. I guess facebook and reddit do that too, but they are much more likely to have disinformation posts. That said twitter ruined topics by removing some important groups and autofollowing some totally random groups.


honest question, why do you care how they evaluate 'porn' websites? as long as we're still capable of switching between 1.1.1.1 and 8.8.8.8, what's wrong with providing this additional service? it really doesn't have to be a joke...


Because it is very likely that governments (such as the UK) will attempt to force all traffic to the censored one by law.


Because it tells governments it is possible to do. Years later we may start seeing devices with DNS servers hard-coded to this. And also because blocking like this is not very effective. You can't block every "harmful" website on the internet, plus there are various proxies. And what is "harmful" anyway, who decides? This also brings questions - are they already blocking something on 1.1.1.1 or will they propagate some blocks from 1.1.1.3 back to their main server? Any blocking is very wrong and may cause freedom reduction in the future.


How is this different than openDNS?


I use OpenDNS ... did you ever get a decent answer to this?


They block GLAAD but not Stormfront. That's all you really need to know.


[flagged]


After the second or third (people debate if the third originated there) white supremacism-motivated mass shooting was announced on one of their many "National Socialist" boards shortly before it took place, with the owners refusing to do anything about it, removing them as a customer is more than understandable. The original creator (Hotwheels) had vehemently disavowed and condemned the site and its owners at that point.

Aside from the business impact of tons of customers and the media (rightfully) condemning Cloudflare, and all the potential legal implications, dropping them was the only ethical thing to do. I'm a staunch defender of free speech and opposer of censorship, but when people are being mass-murdered, with more people at risk of being mass-murdered in the future, it's no longer just about speech. At the time of the mass shootings, the majority of boards and posters on the site were supportive of or affiliated with violent extremism and domestic terrorism, and their admins made no efforts to curb that (even if they didn't endorse it). Show me a single US or European company who would still provide infrastructure/networking for them after that point.

Considering their only two incidents of stepping in were that and The Daily Stormer, I'd say they probably have one of the best track records when it comes to freedom of speech and acting as a neutral traffic carrier.


Deleted statement.


We haven't changed anything about 1.1.1.1. This is on 1.1.1.2 and 1.1.1.3.


They did launch this product on another address (1.1.1.2 and 1.1.1.3).


Any domain that hosts user uploaded content is gonna be banned, unless they're big like twitter or facebook. This is the worst. I'm glad I never gave Cloudflare a dime.


  $ host www.sex.com
  www.sex.com is an alias for dmz01.cdn.live.
  dmz01.cdn.live has address 15.222.131.21
  
  $ host www.sex.com 1.1.1.3
  Host www.sex.com not found: 5(REFUSED)
  
  $ host www.nothing 1.1.1.3
  Host www.nothing not found: 3(NXDOMAIN)

I hadn't noticed a DNS REFUSED response before. That seems reasonable, although a web browser's error message doesn't differ between REFUSED and NXDOMAIN.


The error may differ if the zone is signed with DNSSEC.

NXDOMAIN is a valid response that won't pass a signature verification.

REFUSED just means that DNS Server can't or won't provide a response at this time.


"Can't provide a response" should be SERVFAIL.

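The REFUSED, NXDOMAIN and SERVFAIL outcomes discussed above can be told apart from the RCODE bits of the response header. The following Python sketch is an added example, not part of any comment in this thread and not Cloudflare's code: it parses raw DNS responses and labels them, also treating an all-0.0.0.0 answer (the kind of answer reported further down the thread) as a block. The function names, labels and sample messages are constructed for illustration.

```python
import socket
import struct


def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # compression pointer: 2 bytes, name ends here
            return off + 2
        if length == 0:             # root label terminates the name
            return off + 1
        off += 1 + length


def parse_response(msg):
    """Parse a DNS response; return (rcode, [IPv4 strings from A records])."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    off = 12
    for _ in range(qdcount):
        off = _skip_name(msg, off) + 4          # skip QTYPE + QCLASS
    addrs = []
    for _ in range(ancount):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if off + rdlen > len(msg):
            raise ValueError("truncated RDATA")
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record, class IN
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, addrs                # low 4 flag bits are the RCODE


def classify(msg):
    """Label a raw response the way a filtering-aware client might."""
    try:
        rcode, addrs = parse_response(msg)
    except (ValueError, IndexError, struct.error):
        return "malformed"
    if rcode == 5:
        return "blocked-refused"    # what 1.1.1.3 returned in the thread's output
    if rcode == 3:
        return "nxdomain"           # the name does not exist
    if rcode == 2:
        return "servfail"           # the resolver failed to get an answer
    if rcode != 0:
        return "error-rcode-%d" % rcode
    if not addrs:
        return "nodata"             # NOERROR but no A record in the answer
    if all(a == "0.0.0.0" for a in addrs):
        return "blocked-sinkhole"   # unroutable answer used as a block signal
    return "resolved"


def build_response(name, rcode, addrs=()):
    """Construct a sample response (test data, not captured traffic)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    flags = 0x8180 | rcode                      # QR, RD and RA set
    msg = struct.pack("!6H", 0x1234, flags, 1, len(addrs), 0, 0)
    msg += qname + struct.pack("!HH", 1, 1)     # question: type A, class IN
    for a in addrs:
        # 0xC00C points back at the question name at offset 12
        msg += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + socket.inet_aton(a)
    return msg


# Constructed samples mirroring the outcomes shown in the thread.
SAMPLES = {
    "blocked.example": build_response("blocked.example", 5),
    "www.nothing": build_response("www.nothing", 3),
    "sinkholed.example": build_response("sinkholed.example", 0, ["0.0.0.0"]),
    "glaad.org": build_response("glaad.org", 0, ["23.185.0.1"]),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, "->", classify(raw))
```

A stub resolver or monitoring script that logs these labels makes a filter hit distinguishable from a typo or an outage, which the browser error page does not.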

While anyone technical can easily get around a DNS filter, it is a nice option for helping prevent accidental exposure to pornography.

I'm looking forward to when the customization options are available as an alternative/addition to OpenDNS. The morality police argument doesn't seem to hold much water if they are going to let you whitelist or blacklist anything you want or turn categories on or off.


I can imagine some impatient parents will start black listing Kidz Bop videos or anything else that bothers them. It will also lead to some very creative punishments. Like blocking online gaming.


some work without dns though!

battle.net comes to mind... that always connected, even if my provider's DNS failed.


Have you used https://nextdns.io/ ?


No. But I'll have to check it out. Do you use it and the mobile apps?

Do you have problems with connecting to public wifi when running the app? I've noticed setting the DNS locally on a computer throws off the local library wifi that has the captive page that makes you agree to terms before proceeding.


On Android I set it as custom DoH. Have not used the app. Unfortunately, as with all DNS based blocking, you run into random pages that don't resolve, and need to turn it off. Due to the infinitely many knobs, I don't know which list is blocking it from the error page, just that the page can't be found.

Yesterday it was http://www.futureus.com/


My friends who grew up in the middle east: Remember how our ISPs used to block "adult content". Did that stop anyone? It just led to repression and a black market. On the bright side, circumventing those blocks as a kid got me interested in computers in the first place.

Regardless, it is an interesting service. I would imagine that corporations, who have the tech support and need, will find this more useful than non-technical families.

Examples:

https://www.vpn-accounts.com/blog/how-to-open-blocked-sites-...

https://www.jakarta100bars.com/2019/10/porn-websites-blocked...


> On the bright side, circumventing those blocks as a kid got me interested in computers in the first place.

Porn really is the driver of many technical innovations. Home movies and online financial transactions, for example, wouldn't be where they are today if people weren't so dedicated to watching other people smush.


It’s not a good idea to trust a single large organization with your data, even if they make claims to privacy. It’s even worse to let them control what gets censored and what gets through.

If you care about privacy, I recommend running your own resolver with Unbound, and block ads/tracking/malware/adult content etc. using Pi-Hole.

https://nlnetlabs.nl/projects/unbound/about/

https://pi-hole.net/


Adult content - is this

* Just porn

* Erotic content (eg lingerie shops)

* Any sexual content (eg Wikipedia article on anal sex)

* Or also e.g. medically relevant (sex ed, abortion provider sites, ...)

* Gore, violence, videos of people dying ...

* Information on or shops for drugs

* Content on terrorism, weapons, manuals to build bombs

* Content on Al Qaeda, Scientology and other extreme/dangerous religious stuff

* ...

?


>Any sexual content (eg Wikipedia article on anal sex)

It's DNS level filtering so you can't handle specific content on sites at this level of the network stack.

From my quick poking of the service, it appears to filter things like sex shops, but not sites that do host mixed content. (i.e. Reddit, Imgur, etc)

To your question regarding health issues, plannedparenthood isn't blocked etc.

I sadly don't know a ton of terrorist URL's so I can't check them.


> I sadly don't know a ton of terrorist URL's so I can't check them.

jihadology.net isn't blocked

https://thewire.in/uncategorised/nia-jihadology-jihadi-websi...

"The National Investigation Agency (NIA) believes that a US-based blog that collects and analyses communications from terror organisations and is used extensively for academic research was one of several “jihadi sites” that was used to radicalise a young person from West Bengal and encourage him to become an ISIS member"

Most terrorist recruitment happens on sites like instagram, facebook, tiktok, etc anyway.

https://www.irishcentral.com/news/real-ira-other-dissidents-...

"The Police Service of Northern Ireland has said that it is investigating reports that social networking sites are being used to recruit children - some as young as 13 - into dissident Republican groups.

The news comes as Northern Ireland faces an upsurge in activity by dissident Republicans. Last month, for the first time in over a decade, a British soldier was killed in Northern Ireland."


Based on observed behavior, https://www.glaad.org/ is "adult content" according to Cloudflare.

Acknowledging the existence of GLBTQ+ people is apparently "inappropriate" to them.


Yeah, so is https://glsen.org ... that's a big yikes.


Getting that fixed right now.

* Fixed.


glaad.org should be accessible now. Sorry about that. We are working through the first public use of this and appreciate people reporting problems.

    dig +short glaad.org @1.1.1.3
    23.185.0.1


How did you generate/obtain the initial block list?


This is a great question. For any service like this, there should at least be transparency. As a parent, I'd be interested in understanding:

1. How the block list was initially populated

2. What clear and objective rules govern which sites should and shouldn't be included

3. Who determines those rules, and what is the process for changing the rules

4. How often are those rules proactively reviewed or changed

5. How is the block list verified as following those rules

6. What the process is when a false positive or false negative is found, reported either internally or externally

Maybe I missed it but I didn't see any of this information posted on the site.


What other lifesaving resources for young queer folks are your DNS filters hiding? How did you source this block list and what sort of transparency do you expect to provide ?


You should be ashamed of yourself for working on this product. It is evil, and will have evil consequences. It is intrinsically homophobic. It will be used to abuse vulnerable young people.


Things that are not for kids. I think it is a broad category. What element is not fitting there for you?


"Not for kids" varies widely in the western world.

The average American seems happy with plenty of violence, but any nudity at all is strictly off-limits.

I can't write "average European" for this, but most would prefer less violence and accept more nudity. There's still plenty of difference within Europe.

There are also websites that are for teenagers, which some parents would be uncomfortable with -- LGBT support and advice sites for example, or even general sex education.


> I can't write "average European" for this,

You can't write "average American" for this, either.


The US has a common film rating system for all cinemas etc, which is at least some standard the whole country is implicitly supporting.

Europe doesn't, and so a film can receive different ratings in each country.

The first film I found searching for a good example of this, Eighth Grade, is rated suitable for children in Luxembourg, Spain, Sweden etc, and 15 year olds in the UK and Ireland -- with the UK possibly more concerned with the language than the sex.

The US rates the film R, so 17.

https://www.imdb.com/title/tt7014006/parentalguide?ref_=tt_s...


Eighth Grade has a 15 rating in the UK.

Here's the BBFC (British Board of Film Classification) listing for it: https://bbfc.co.uk/releases/eighth-grade-2018

The ratings info says this:

> Language

> There is strong language ('fk'), as well as milder terms (for example, 'dick', 'shit', 'goddamn', 'God', 'Jesus Christ').

> Sex

> There is a scene in which a web search shows a woman explaining a sexual technique, accompanied by strong sex references.

> There is also a scene in which a young teenage girl suffers a panic attack, as well as one in which an older teenage boy tries to pressurise a younger teenage girl into having sex; however, she does not agree to this.

I don't know enough about BBFC to say which of these they place more importance upon.

(Eighth Grade is a very good film btw, and A24 are currently my favourite film production / distribution company).


The average American, like the average European, has 1 breast and half a penis


Disclosure - I am not a parent.

But blocking your kid from having access to sexual education does not sit right with me, and I can imagine how they might not have proper sex ed at school or not be comfortable discussing it with their parents.


I think the answer is different if the kid is 5 or 15.


5 year olds shouldn't have unrestricted access to the internet anyway. For children that young you should be using whitelists, not blacklists.


If you ask 100 parents what's not for kids, you'll get 100 different answers. That's the weakness of centrally applied moderation/curation.


So is wikipedia supposed to be blocked or not? Twitter? Reddit?


Stormfront isn't blocked, HRC is.


As far as I can tell, HRC is not blocked, assuming you are referring to the Human Rights Campaign at hrc.org


DNS isn't appropriate for filtering porn or ads. It's easy to get around and not fine-grained enough. In fact, the largest porn site in the world is unblocked.

    $ dig @1.1.1.3 reddit.com
    reddit.com. 298 IN A 151.101.65.140

And the largest advertising and tracking site.

    $ dig @1.1.1.3 pagead2.googlesyndication.com
    pagead2.googlesyndication.com. 262 IN CNAME pagead46.l.doubleclick.net.
    pagead46.l.doubleclick.net. 262 IN A 172.217.7.2


I'm surprised Reddit hasn't gone the way of Google/YouTube and allowed a safe browsing filter via DNS. All NSFW subreddits are already marked as such (same with many individual posts) so it seems like it would be an easy filter to add if accessed via the "safe browsing" load balancer IP.

Edit: Someone below added more info on this for anyone curious: https://cleanbrowsing.org/articles/block-youtube-comments-re...


Reddit also has a flag inside of their api called `nsfb`: Not Safe For Brand. They'll let you post it, and they'll host it, but they don't want most people to know that they'd host it, so they hide it from public, not-logged-in sections of the site.

It's really shameful; they need to stop the hypocrisy and either become a content-neutral host and own the consequences, or censor arbitrarily, and own the consequences. They're trying to have their cake and eat it too, and it's entirely unfair, much in the same way shadowbanning is.


> Reddit also has a flag inside of their api called `nsfb`: Not Safe For Brand. They'll let you post it, and they'll host it, but they don't want most people to know that they'd host it, so they hide it from public, not-logged-in sections of the site.

I think you are confusing NSFB (brand_safe) with quarantining.

Quarantining is used for subs which are borderline being banned. Subs with frequent racism, subs with very fringe ideas (like 9/11 conspiracy theory). You need to login to view them, so they don't turn up in Google search etc. Example: https://www.reddit.com/r/911truth (try that link in a private browsing window if you are logged in to Reddit)

I don't think the brand_safe field is exposed in the public API any more (I presume it probably still exists behind the scenes). But my understanding of what it means, it is supposed to mark subs which are not advertiser-friendly. For example, subs that discuss controversial topics such as politics or religion. Anonymous users can view these subs fine and they turn up in Google. But, Reddit will display their own ads instead of third-party advertiser ads. Most companies don't want their advertising to pop up in the middle of a debate about whose religion is more correct, or what the Bible/Quran/etc has to say about sexual morality, it is bound to create a bad association in someone's mind.


While logged on to Reddit, I noticed a particular post would not load due to HTTP error 500. I didn't see anything about an outage on downdetector, so I copied the URL into ceddit and the page pulled up fine, and it was there that I noticed the NSFB tag. I've seen this same behavior on a few other posts since that time, which makes me wonder if this is intentional. At this time I've been unable to locate any reading that would back up that theory.


What is shameful about it?

It's a realistic approach to navigating the real world where there are bills to pay, Reddit Gold isn't going to cut it, and advertisers don't want their brand associated with random NSFW/NSFL content.

I don't get this obsession with browbeating every content provider not living up to these Stallmanistic extremes.

Reddit should not have to give up any sort of protection for allowing advertisers to not have their ads show up on certain subreddits, or censoring Nazis.

If Reddit of all sites is what we're calling shameful, there is no hope.


This isn't about NSFW/NSFL. Those are a different tag. This is about censorship of entirely-SFW stuff that Reddit simply doesn't like.

They have tons of porn. They just don't have tons of political variation.


It’s not stuff Reddit doesn’t like, it’s stuff advertisers don’t like.

In fact, iirc every single subreddit is “Not Safe For Brand” by default. How does that jibe with trying to avoid “political variation”

Subs get whitelisted for advertising with it. That’s it.

Signaling to advertisers something is a safe choice for ads or not is not censorship, and it’s not unreasonable.


What else can you do? They're happy to host communities they don't like but don't want them as part of their public image.

The kind of content that's quarantined (because nsfb is an advertising thing) isn't "political variation." They're absolute cesspools of hate, doxxing, threats of violence. Were these communities gathered in a physical room I would genuinely feel unsafe.

Reddit actually has a good amount of political variation and opinion. A staggering amount of Redditors are authoritarian conservatives by their opinions given how often people say Reddit is full of bleeding-heart liberals, but they would never associate themselves with the Republican party or "conservatives".


as we've seen in recent years, social media is a highly effective platform for influencing people. in general, the platform is immune to legal repercussions for stuff that users post, because it isn't construed as the company's own message. this leaves the door open for a "neutral" platform to influence people through selectively moderating certain content.

people here aren't demanding that reddit (and other sites) let people post whatever they want. they are asking for sites of a certain size to actually be neutral as a condition of safe harbor protections. to me this seems pretty fair. if you have millions of users and exercise editorial control over the content, you should be on the hook for what's left.


You know, you can run your own DNS which points at that one, and implement additional rules. That seems like less work than just using your ISP's DNS and needing to implement more rules.

Reddit isn't a porn site in the sense that if you go to "reddit.com", you're automatically shown porn. It's a diverse site that has adult content areas.

Reddit has profile settings like:

[ ] NSFW content hide images for NSFW/18+ content (Don't show thumbnails or media previews for anything labeled NSFW)

[ ] I am over eighteen years old and willing to view adult content (required to view some subreddits)

Needless to say, these are implicitly off for a visitor to the site who does not have an account.

Still, Reddit will not prevent visitors from seeing "adult content" in a more general sense: being exposed to adult discussions that can touch on any sort of topic from any angle.

If we're talking about protecting kids, I think a whitelist of allowed sites will be better than a blacklist, which is intractable.


>Reddit isn't a porn site in the sense that if you go to "reddit.com", you're automatically shown porn. It's a diverse site that has adult content areas.

and

>DNS isn't appropriate for filtering porn or ads

So, if you're trying to filter porn out, dns doesn't work because of sites like reddit.


DNS is passive, network wide and works extremely well overall. It isn't iron clad, it isn't 100% and it isn't the only thing you can use. That doesn't mean it doesn't work.


It's not going to work if you think that a black list will do it, and the problem isn't sites like Reddit, but actual porn sites (and such). You cannot have a complete, accurate black list, let alone maintain it that way.

For kids, a whitelist of approved domains should work. If you don't think Reddit should be on it, you don't add Reddit. No brainer.

The problem with DNS is mobile devices; your custom DNS runs only in your own intranet, not whatever devices connect to.

Undoubtedly there are hacks for that, but they are mucky compared to the pure DNS solution, which can be perpetrated entirely externally to devices.


Again, this is one element that is very easy and extremely effective for the amount of effort it requires. You can still change DNS on individual devices if you want. You can still use local adblockers. You can still make individual devices use dns whitelists.

Do you do all of your movement with a car? No, it doesn't work well for very short or very long distances. That doesn't mean it doesn't work.


What about Google? Google Image search? Are you going to whitelist those or not?

Hostname based blocking can never be accurate.


Google indiscriminately caches questionable material, so it could never go onto a whitelist.

Fine-grained filtering of content within Google domains doesn't seem tractable in any way shape or form.


It absolutely doesn't work if you can trivially bypass what you're trying to block with one of the most popular sites on the internet.


Plus a lot of other family-friendly sites for the edification of your kids:

    $ host www.stormfront.org 1.1.1.3
    www.stormfront.org has address 104.22.6.143


Most HN users would prefer that site isn't blocked, so bad example.


A better question might be how much harder perfect is: this will block a ton of stuff quite reliably and with almost no setup effort, and that includes a lot of sites where I’d worry about malware (remember when people were getting rooted by free video players?). Filtering something like Reddit requires installing invasive software with a history of security and privacy lapses on every client.


Any filtering system can be circumvented. DNS filtering is just one measure to prevent accidental exposure to unwanted content.


And very easy to apply. No software needed, no need to alter router settings.


Of course, you can highlight exceptions.

But, the growing availability/awareness/popularity of such DNS-driven solutions should incrementally increase the likelihood that firms like Reddit choose to segregate/label their sections by IP address.

Gotta get the ball rolling somehow!


Yup I was just thinking "where could you easily wander into NLS content" and my first thought was Reddit.


That's not a problem with DNS, that's a problem with outsourcing control of your DNS data


I have little kids and don’t want them to accidentally stumble onto malware or porn sites. But I still don’t like this kind of policing happening at the DNS layer. Even more so given how their previous service became a huge success.

Btw I see some resemblance with google here. Initially they were all “do no harm”. Only after they captured the whole market we realized we shouldn’t have succumbed to free shit. These guys are following the same model. Give free shit and get traffic, even though they lose money. They themselves claim they only charge businesses not consumers.


> I have little kids and don’t want them to accidentally stumble onto malware or porn sites. But I still don’t like this kind of policing happening at the DNS layer.

Where do you set up the filtering or accountability? With so many connected devices in houses I've found DNS is the common denominator. It's perhaps the easiest to circumvent, but it covers all the mobile devices, gaming consoles, etc. that are connected to my home network.

My kids are too young to circumvent things, but if they start doing that I'll be equal parts proud and preparing for a loving talk.


Right, and IMHO by the time they're old enough to start circumventing the filters then they're old enough to see the content. It's a self-enforcing gate. You're not mature enough to see the content until you're mature enough to circumvent the filters :D


DNS seems like a good place for this sort of use case.

It prevents accidental access while making it easy for anyone who is sufficiently inclined to circumvent it.


YouTube says "Some results have been removed because Restricted Mode is enabled by your network administrator." when I'm on the Family DNS. How does this work? How can they know what DNS I'm using?


Huh! Did some quick Googling:

> YouTube Restrict works by re-mapping YouTube IP addresses to the CNAME restrict.youtube.com (or restrictmoderate.youtube.com). It means that instead of visiting YouTube at their normal IP addresses, you will re-route the traffic to a special load balancer provided by Google that will block access to non children friendly videos.

I did not know about that

https://cleanbrowsing.org/articles/block-youtube-comments-re...


Sadly, the trend for browsers to bypass system-level DNS resolution in favor of DNS-over-HTTPS means this kind of filtering is quickly becoming obsolete.


There is a canary domain in Firefox to prevent it from switching to DoH: https://support.mozilla.org/en-US/kb/canary-domain-use-appli...


You could also use a policy.json for Firefox to permanently disable it. I don't see Firefox dropping this option as it is important for enterprise users.

https://github.com/mozilla/policy-templates


1.1.1.1 for Families doesn't seem to support the canary domain so by default Firefox would bypass this service.

Also the canary domain only works if Firefox is not explicitly set to use DoH. If using DoH has explicitly been set by the user then the canary domain has no effect.

Edit: Some testing seems to show that Mozilla has lumped these in with a select few others and will not bypass them when DoH is the default instead of explicitly selected even though they don't report the canary domain as an error. It will bypass them when DoH is explicitly enabled.


They offer this service as DoH as well. So in theory you could configure those apps to leverage this.


So '1.1.1.1 for Families' is actually 1.1.1.2 or 1.1.1.3. Bit confusing, for non-tech-savvy families. Why not just call it 1.1.1.2 (viz version 2).


1.1.1.2 is no more confusing than 1.1.1.1 to someone who has no idea what dns is. Both are completely meaningless.


The confusing part is that the name of 1.1.1.2 is “1.1.1.1 for families.”


Because 1.1.1.1 is a Brand to them


It's just an IP to me. I see OP's point. Thinking of your IP address as a brand is confusing.

At least with a word like Apple, the capital "A" designates it as a proper noun and can easily be recognized as a brand or company name in most cases.


Stopped using Cloudflare's DNS some weeks ago. I got from time to time errors (no page showing, forgot the exact error message) which never happened with Google's DNS. FYI I'm using DoT (DNS over TLS) on the router exclusively and I'm not living in USA.


Why not use 9.9.9.9 ?

The project is from IBM and few other companies, and includes threat data from major players in the security space

https://quad9.net


In my region (Cyprus, a Mediterranean island) only Google and Cloudflare are fast. Quad9 is significantly slower here.


If you had any Cisco hardware in your network stack that is likely the reason.

Our company's captive portal still takes you to 1.1.1.1


Did you report this to us? Would be interested to know why.


(I’m not the OP) My experience was that 1.1.1.1 didn’t interact well with captive.apple.com so I had a lot of confusing experiences on planes and airports, and eventually had to stop using it.


How long ago was that, if I can ask?


OP here. No, never reported it. But I think I've read somewhere (this is only unvalidated speculation now) that Google DNS and regular DNS do more fallbacks and also work with badly configured DNS servers, whereas Cloudflare is more strict, but I don't have time to validate that. For me it's easier to just switch my DNS and go on.


On Android you have to specify a hostname for DNS (a bit ironic), which is 1dot1dot1dot1.cloudflare-dns.com.

However, it does not seem 1dot1dot1dot3.cloudflare-dns.com works yet.


I read two pages before I realized this was obviously an April 1 joke. Then I got to the "Not A Joke" section. What??? I don't think Cloudflare should be in this business.

Also, how are they going to make this configurable like they write? Tie the configuration to the IP address? What if someone has a shared or dynamic IP address?


> Also, how are they going to make this configurable like they write? Tie the configuration to the IP address? What if someone has a shared or dynamic IP address?

Likely the same way as opendns, nextdns, and a ton of other dns providers who do the same. It's for home use - if it doesn't fit your home use case, then use another filter.


Thanks. Interesting, I had no idea this was so much of a thing already.


Where can the public see, in real time, a complete list of exactly which domains are blocked on those servers?


If we get a 1.1.1.4 with all of easylist ad blocked.. that would be smashing! Pi-hole for the internet.


As a general response to negativity here (which seems to largely stem around technical concerns over what is implemented and how), I think this is cool and fine.

As a kid I would have figured out a way to get around this, and that would have been part of the fun, but, this option adds more choice to the market and that is a good thing.


I'd love to hear the pros/cons of filtering adult content at the DNS resolver level. I'm assuming the (current) lack of whitelists, along with a black-box algorithm to decide what constitutes adult content, reduces the usefulness.


The pros are obvious. The cons, irrespective of what is blocked, are very similar to the problems with DNS hijacking that ISPs and others have done over the years. It affects all protocols, not just HTTP(S). It affects everything from turning IP addresses in logfiles into domain names, through double-reverse-lookup checks in TCP services, to SMTP electronic mail.

Block advertising this way, and one hits the further problem that one often wants to operate based upon more than just the domain part of the URL. Or one wants to do things like make temporary redirects to static placeholder images. Fiddling with DNS service cannot achieve these.

* http://jdebp.uk./FGA/verisign-internet-coup.html


I'm a network administrator for a small private school and this seems like it would be a good solution for us. We generally try to keep the kids away from the "bad" sites and their systems are mostly locked down (managed iPads and Chromebooks).

In the past we used OpenDNS for DNS filtering and it worked pretty well. Then they were purchased by Cisco and the prices went up and functionality went down. If CloudFlare can offer some management capabilities (ie. whitelist / blacklist) we would switch in a minute. I can't wait to see how this product matures.


I was a little put off by this at first but can see why people want it, and I'm happy they offer an isolated malware filter (whatever that means, still skeptical) and an adult + malware filter.


I have unbound at my house providing normal DNS -> DoH to Cloudflare DNS.

I don't see any IPv6 endpoints published for the 1.1.1.2 and 1.1.1.3 equivalents, do they exist?


You can see the IPv6 addresses here: https://developers.cloudflare.com/1.1.1.1/1.1.1.1-for-famili...

For malware:

* 2606:4700:4700::1112

* 2606:4700:4700::1002

For malware and adult:

* 2606:4700:4700::1113

* 2606:4700:4700::1003


"No Advertisement and No Tracking" would be nice. Right now I keep Web Advertisment low with a manually installed anti-advertisement hosts file.


Check out nextdns (pi-hole like service)


any idea on what it means as malware?


There are well circulated lists of dns names that are known to host various types of malware, and I am assuming this implements one or more of those lists. They have stuff like: botnet C&C domains, domains that have been hijacked to run exploits, domains that port scan the entire web just to run exploits at random, domains that mail out malware in spam, etc.


Or "Adult Content?"


Adult content I think would be an easier category to filter on. However I would love it if they released the list of their blocked domains.


Adult content is notoriously hard to filter on since nobody can agree what qualifies, and pretty much any site with user-generated content has content that is objectionable to someone.

Do you filter Wikipedia as "adult content"? Certainly one of these[1] images qualifies under most standards?

1: NSFW https://en.wikipedia.org/wiki/MediaWiki:Bad_image_list


There are lots more examples than Wikipedia, although that's a good one. Reddit, Twitter, and YouTube are other examples where you can find adult content if you're looking for it, but if you block the whole site, you block a whole bunch of useful and in some cases educational content along with it.

Now all that being said, this is a decent enough way to at least block the obvious stuff like Pornhub. For some, that might be good enough.


I have never seen the wikipedia "bad image list" before - and I am confused ... after clicking on a few of these images, randomly, every single one (under File Usage) reports:

No pages on the English Wikipedia use this file (pages on other projects are not listed).

... so why do these images persist in the wikipedia ?


The fourth one on the list is used on the page "Phallus".

But I can't answer your question.


Thank you for that link, reading through the filenames was quite humorous. Agreed, what is considered "adult content" varies significantly between people, and whether children should be able to access what is considered medical/anatomical reference is a frequent argument.


Well this was one rabbit hole I would've preferred not to have visited...!


Not sure, I wish it had more info on this. I tried some sites from big malware lists and 1.1.1.2 blocked none of them.


There are lists of such domains, like in Adblock


gaycenter.org, a New York LGBTQ community center, is blocked.

Stormfront is not.

So. That's pretty gross.


I would be curious to learn more about how they classify websites.

I would imagine they automatically crawl and do some basic keyword matching, so false positives are expected. Curious about stormfront though.


CIRA doing the same thing:

https://www.cira.ca/earlyaccess


ha, had to include a "this is not a joke" April Fool's disclaimer at bottom. Why not just release it tomorrow?


Launching 1.1.1.1 stuff on April first has been kinda their marketing strategy for the 4 x 1 factor.


I think tradition, 1.1.1.1 was released on April 1st (4/1, four one).


Filtering out ad websites would be more useful for me. I'm using https://pgl.yoyo.org/adservers/ with my own DNS, but probably a big website like Cloudflare could block even more ad websites.


For everyone complaining about the porn filtering, that malware filtering will actually be a godsend for companies.

Running an extra internal DNS server just to do 'last chance' filtering is extra maintenance I don't want to have to do. I'd much rather let Cloudflare do that.


> Cloudflare's business has never involved selling user data or targeted advertising

The Cloudflare site calls googletagmanager.com, marketo.com, linkedin.com, and bizible.com. Do any of these sell user data or support targeted advertising?


What other solutions are there for filtering content? My kid is very far from getting any screen time but my imagination always was to just block everything except kids wiki and maybe some other sites (dunno yet at this point).


1.1.1.2/1.0.0.2 & 1.1.1.3/1.0.0.3 DNS resolvers incorrectly resolve one of India's largest banks' domain name "retail.onlinesbi.com" to 0.0.0.0


I think of an all-encompassing system like this as a sort of big government watching every move we make for "our benefit". It's probably wiser to install a _tiny_ software that blocks unwanted content that you can uninstall than to give power to a giant entity monitoring every site you visit online.

Sure you can change your country at an individual level but why create a problem in the first place.


Hmm. Do they block information about breast cancer because kids shouldn't be exposed to breasts?


I feel that transparency would be key, to understand what Cloudflare considers good/bad.

As we can see in this thread, there's already been a mistaken block - expect many, many more of these to come.

They will be chasing their tail between their legs for years to come, and they'll only get bad PR from this.

It'll be dead and buried in a year after a shit storm hits reddit


This is the solution that should have existed in the first place


Why are the people in the illustrations missing eyes?


For families of people without eyes, apparently.


Shame on you, Cloudflare.


Gave 1.1.1.3 a try. Unfortunately it blocks things like doctors' lectures on coronavirus on YouTube.


This is DNS blocking so it would be blocking all of YouTube or none of it.


[flagged]


This isn't a law, it's a feature you have to seek out.


> Adult Content

They don't understand the political world they just entered.

Or the amount of work this will take.

They have to take a stance on so many political issues from here.

From a company that prided itself on non-censorship (Minus two cases). This is easy, twice they have broken and been hated for it.

Now, the twitter campaigns that will smash them on everything, in a sustained way.....


Cloudflare has never been anti-censorship. This kind of service fits them like a glove. They're going to love being the moral police.


[flagged]


So? What's your point?


This seems like a disturbing trend for the company that often championed the idea of a free and open internet. First they dropped the Daily Stormer as a customer, then 8chan, then chimpmania which was terminated with a change.org petition. Now we have a new service no one asked for that seeks to block lewd websites and "malware"?

What's changed? Did Matthew Prince suddenly give up on free speech? Or is it just another way to identify a target demographic.


Nice April Fool's. :)

Edit: Ok, I guess not. But how?


Having different DNS for different purpose is imo not a great solution for not tech people.


It's great, I can stick 1.3 on the dhcp server for the kids vlan and keep 1.1 on the office vlan.


You do realize that the comment you're replying to said "not tech people", right? Do you really think a person that isn't a "tech person" would understand any of the acronyms or terms in this sentence?


It's great for my kids, who aren't tech people.


Okay, so non-technical households?


If you believe your kids can't figure out tech nor their friends friends can then maybe 1.3 may be safer on your office vlan.


If you have vlans set up at your house you might have a decent firewall that can block dns requests to unauthorized servers, so there's that.


The goal is to prevent accidental stuff coming through while we're sat on a computer together.


This is aimed at tech people who support nontechnical family members.


On one hand, this is really ridiculous.

On the other hand, it might lead to the next generation of children who kick their technical careers off by figuring out how to circumvent censorship and that despise the companies enforcing it.

Maybe not, though.


On the other hand, my solution to subverting AOL parental controls was to... log into my mom's account.


My dad at some point put a password on the BIOS to restrict my PC usage. That's when I learned the motherboard has a standard "watch" battery which when taken out does reset all of the BIOS' settings.


This is an excellent Twitter thread explaining in detail the problems with providing such a service for """families""" -

https://twitter.com/SarahJamieLewis/status/12453743777570406...


    $ host www.glaad.org 1.1.1.3
    Using domain server:
    Name: 1.1.1.3
    Address: 1.1.1.3#53
    Aliases: 

    Host www.glaad.org not found: 5(REFUSED)

Looks like some things don't change. This is the kind of shit Peacefire was exposing back in the 1990s: Completely innocuous GLBTQ+ content being labeled as "inappropriate" by content censors. And Cloudflare doesn't even have the figleaf excuse of having a financial incentive to dance to the tune of the kinds of people who think GLAAD is somehow inherently bad.

http://www.peacefire.org/

Also:

    $ host www.peacefire.org 1.1.1.3
    Using domain server:
    Name: 1.1.1.3
    Address: 1.1.1.3#53
    Aliases: 

    www.peacefire.org is an alias for peacefire.org.
    peacefire.org has address 65.181.125.58
    peacefire.org mail is handled by 10 mail.peacefire.org.

This verges on the comedic.


Even worse:

    Host www.thetrevorproject.org not found: 5(REFUSED)

That's a site for teenagers with "trained counselors are here to support you 24/7. If you are a young person in crisis, feeling suicidal, or in need of a safe and judgment-free place to talk, call …"

It's also exactly the type of site that's first on the list of examples of what not to block, by any privacy / anti-censorship group. It should have been an easy test before launching.


This should definitely not be the case. We are getting this fixed. We will have a reporting page up shortly to also make it easier to report these types of issues.


This has been fixed.


That is impressively fast!

There's a site run by the Open Rights Group in the UK, recording incorrect blocks made by ISP-provided "parental control" filters.

They already check against OpenDNS, so I assume they'll add 1.1.1.3.

There are lists of overblocked domains: https://www.blocked.org.uk/stats


Super helpful. Thanks. Will get that to the team.


Everyone involved in this product should be ashamed of themselves. It is intrinsically designed to increase the abuse of gay kids and those of any other minority sexual grouping.


Fixed already?

    % host www.glaad.org 1.1.1.3
    Using domain server:
    Name: 1.1.1.3
    Address: 1.1.1.3#53
    Aliases: 

    www.glaad.org is an alias for live-glaad.pantheonsite.io.
    live-glaad.pantheonsite.io is an alias for fe1.edge.pantheon.io.
    fe1.edge.pantheon.io has address 23.185.0.1
    fe1.edge.pantheon.io has IPv6 address 2620:12a:8000::1
    fe1.edge.pantheon.io has IPv6 address 2620:12a:8001::1


    $ host stormfront.org 1.1.1.3
    Using domain server:
    Name: 1.1.1.3
    Address: 1.1.1.3#53
    Aliases: 

    stormfront.org has address 104.22.7.143
    stormfront.org has address 104.22.6.143
    stormfront.org has IPv6 address 2606:4700:10::6816:68f
    stormfront.org has IPv6 address 2606:4700:10::6816:78f
    stormfront.org mail is handled by 10 dc-c5d58999adca.stormfront.org.

There seems to be a distinct political stand being made here.



I'm reporting observed behavior.

They must be using a blocklist they never vetted properly.

Also, I'm not the only one to notice this:

https://web.archive.org/web/20200401164820/https://news.ycom...
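
The two block signals reported in this thread, `5(REFUSED)` from 1.1.1.3 in the `host` transcripts and the `0.0.0.0` answer reported for retail.onlinesbi.com, can be told apart at the DNS wire level when auditing a filtering resolver for overblocking. The sketch below is an added example, not part of any comment and not Cloudflare's code; the function names and the constructed sample responses are assumptions.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Encode a recursive A-record query for name."""
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0) + labels + b"\x00" + struct.pack(">HH", 1, 1)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:      # 2-byte compression pointer ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def classify(msg):
    """Map a raw DNS response to 'refused', 'sinkhole', 'resolved' or 'other'."""
    _, flags, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    rcode = flags & 0x000F
    if rcode == 5:                       # REFUSED, printed by host as "5(REFUSED)"
        return "refused"
    off = 12
    for _ in range(qdcount):             # skip the echoed question(s)
        off = skip_name(msg, off) + 4
    addrs = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:    # A record; CNAMEs etc. are skipped
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    if rcode != 0 or not addrs:
        return "other"                   # NXDOMAIN, SERVFAIL, no A records
    return "sinkhole" if all(a == "0.0.0.0" for a in addrs) else "resolved"

def sample_response(name, rcode=0, addrs=()):
    """Constructed response for offline testing: question echoed, A records appended."""
    header = struct.pack(">HHHHHH", 0x1234, 0x8180 | rcode, 1, len(addrs), 0, 0)
    rrs = b"".join(b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 60, 4) + socket.inet_aton(a) for a in addrs)
    return header + build_query(name)[12:] + rrs

def ask(resolver, name, timeout=3.0):
    """Live lookup over UDP port 53 against a resolver you are auditing."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (resolver, 53))
        return classify(s.recv(4096))
```

Running `ask()` for the same name against a filtering resolver and an unfiltered one, and flagging names that come back `refused` or `sinkhole` only on the filtered side, gives a list of candidate overblocks to review by hand.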



