Re: Kids bypassing firewall via web proxy sites

Triffid wrote:
> Effective security requires physical, logical, and administrative
> controls working in concert. Technical people prefer logical controls
> because they can understand and manage them. The fact that most logical
> controls (e.g. content filters) can be circumvented does little to
> diminish their value, it merely reinforces the fact they cannot solve
> security problems by themselves.
>
> Volker and Sebastian claim the ability to circumvent any logical
> control, therefore such controls are useless.

Which is true from a security point of view. Whether you use these
filters or not is up to you, but since skillful/determined people will
get around them they are not security measures.

> Leythos says we know in advance what users need, therefore block
> everything else.

Which is, of course, plain wrong.

[...]
> Security is hard work because, to be effective, you have to find a way
> to get everyone to understand and participate.

To my understanding that's the point Volker is trying to make, though he
tends to be a little too brief in his comments. Educate your users. Do
not try to confine them with technical measures instead of educating
them.

cu
59cobalt

-- 
"If you think technology can solve your security problems, then you
don't understand the problems and you don't understand the technology."
--Bruce Schneier