TalkTalk HomeSafe Proves Popular with Users

August 30, 2011

TalkTalk’s HomeSafe service has proved a hit with users since being launched in May 2011, with over 100,000 customers opting to turn on the system. The Kids Safe and Homework Time filters have blocked over 500,000 browser sessions, helping parents provide a safer environment for their children online.

HomeSafe’s Kids Safe network filter gives parents the option to block different categories of content (as described in this HomeSafe article). According to TalkTalk, the most popular categories of sites parents choose to block are, in descending order:

  1. Suicide and self harm
  2. Pornography
  3. Weapons and violence
  4. Drugs, tobacco and alcohol
  5. Dating
  6. Gambling
  7. File Sharing
  8. Gaming
  9. Social networking

Some people may be concerned about how the system works, what data is stored and what is inspected. We asked Matt Bird, the Head of Product Management for HomeSafe some questions about this. As shown by his responses below, HomeSafe stores no user data and only inspects and compares sites to a list for potential blocking if the customer has opted in:

  •     Q: How automated is HomeSafe and what human input does the system have?
  •     A: The solution is automated but we keep checking categorisation of new sites and modify category classification based on customer feedback (the block page has a report button that logs the website and current category, we check all reported sites and re-classify the website if necessary. This has been 700 websites to date).
  •     Q: Does HomeSafe only inspect traffic from customers who have turned the system on or does the system also inspect (but not act on) traffic from customers not opted in to HomeSafe?
  •     A: HomeSafe checks websites for viruses/malware based on an anonymous list from websites visited by our customers.  For the parental control features we only inspect and compare to a customer policy if they have opted in.  Clearly the customer has to opt-in to get any block pages.
  •     Q: Do all internet service providers inspect traffic anyway?
  •     A: As an Internet Service Provider, we need to look at packet headers, to know there to send them on the Internet.  HomeSafe looks a little deeper at the Website address, to know where they are trying to connect.  We don’t look any deeper, for example customer data.  HomeSafe is a closed system, in that there are no records of which customer goes where.  I can’t tell which websites any customer visits or who received a block page.

Hopefully this will encourage people to take up the HomeSafe solution, which helps protect children from inappropriate web content in an anonymous way without tracking or storing any user data.

MPs launch Parliamentary Inquiry into Online Child Protection

August 26, 2011

On 23 August 2011, Claire Perry, MP for the Devizes Constituency and a cross-party group of more than sixty Members of the Houses of Parliament announced the formation of a Parliamentary Inquiry into Online Child Protection.   The inquiry will take evidence over the next few months from parents, child protection experts, Internet experts and Chief Executives or senior managers of many of Britain’s largest Internet Service Providers.  The group will report to Ministers in November.

 Commenting, Claire Perry MP for the Devizes Constituency said:
Parents are understandably worried about the ease with which their children can view pornographic content on the Internet and this Inquiry will provide the ideal platform for all interested parties to discuss how best we can protect our children online.”

Communications Minister Ed Vaizey said:
The Internet is a powerful tool for education and entertainment but there is material online that is not suitable for children.  Parents need to have the right tools to be able to protect their children from inappropriate content. I look forward to receiving the Inquiry’s report and seeing their conclusions.

Over the course of two evidence sessions, this inquiry will seek to:

  1.  To understand better the extent to which children access on-line pornography and the potential for harm that this may cause
  2.  To determine what British Internet Service Providers have done to date to protect children online and the extent and possible impact of their future plans in this area
  3.  To determine what additional tools parents require to protect children from inappropriate content
  4.  To establish the arguments for and against network level filtering of content that would require an 18 rating in other forms of media
  5.  To recommend to Government the possible form of regulation required if ISPs fail to meet Recommendation no.5 from the Bailey Review.
It is good to see that the government is taking the issue of the impact of pornography on children increasingly seriously and that at last there seems to be a gaining political momentum to address this pressing issue.

Network Level Filters Campaign Updates

July 20, 2011

The call for voluntary network level filters capable of blocking pornography continues to grow. In the UK now over 70 MP’s have added their support to the idea, backing the campaign headed by Claire Perry. The adverse impact of pornography on children is becoming increasingly apparent. Also apparent is the increased demand on services offering help to children and young adults who struggle with pornography addictions.

If you want to get involved in this campaign then see SaferMedia for more information and follow Family Safe ISP on FaceBook.

Does Porn Affect Children?

Those who doubt the impact of porn on the brain and body would do well to read Mark B Kastleman‘s book on the subject.  The ProtectKids website provides a further sobering read of the impact of pornography on children. In a review paper Victor C. Straburger et al (Pediatrics March 10, 2010), state that nearly 50% of a sample of 1500 children 10-17 years old had been exposed to pornography, and porn exposure can be linked to earlier engagement in sex. It is also recognized that frequent pornography use among young men and adolescents, “intensifies attitudes supportive of sexual coercion and increases their likelihood of perpetrating assault” (Michael Flood, Child Abuse Review 2009). Yet more information on the impact of pornography on children and adults is found in this Mental Health Library review by Victor B Cline.

Network Filtering – A Tool in the Battle

Trying to limit childhood exposure to, and harm cause by, pornography, inevitably requires a multi-pronged approach. Parental involvement with their children is vital, as is the need to inform both parents and their children of the risks.

Various technological tools also exist, the most well know being computer based filters which have been around for years. A new tool in the bag are network filters, which provide a layer of protection for a whole network, or household, in one go. Often the Internet Service Providers (ISPs) resist the idea of network filters. BT talks of Parental Controls, but seems to want to keep network filtering out of the package.

One ISP, TalkTalk, now provides a network level filter as a free, opt-in, service to it’s customers. Called HomeSafe this allow the account holder to set filtering individually for several different categories, as previously described. In the first 6 weeks, over 50,000 TalkTalk customers opted to turn the filters on, showing the demand in the public for this kind of help.

We would like this kind of package to become a standard service provided throughout the ISP industry in the UK. Ideally, these filters should be set to ‘on’ as standard with the user able to turn them off at will. This will probably encourage the most people to engage with the issues of pornography use and it’s potential subsequent effects.

Obviously, no technological system is going to be fail safe. They all let some sites through and they all incorrectly block some innocent ones. They can all be worked around by the determined. But, by supporting the Network Filter Campaign, you can make a difference and see another parental control tool made routinely available for the increased protection of our children.

Bailey Report Recommends Network Filters

June 14, 2011

The recent Bailey Review highlights many different aspects of the sexualisation of children in society today. Entitled Letting Children be Children – Report of an Independent Review of the Commercialisation and Sexualisation of Childhood, the review also lays done some suggestions and action points that should be taken up by various industry sectors and government.

Among the areas looked at was internet pornography, so ubiquitous in our society that it is often considered to be part of the ‘Wallpaper’ of children’s lives. Various scientific disciplines are providing a growing body of evidence showing that exposure to pornography is not a harmless pastime. Especially for children.

The Bailey Review had the following to say to the Internet Service Providers, effectively the major distributor of pornography around the UK:

5. Making it easier for parents to block adult and age-restricted material from the internet: To provide a consistent level of protection across all media, as a matter of urgency, the internet industry should ensure that customers make an active choice over what sort of content they want to allow their children to access. To facilitate this, the internet industry must act decisively to develop and introduce effective parental controls, with Government regulation if voluntary action is not forthcoming within a reasonable timescale. In addition, those providing content which is age-restricted, whether by law or company policy, should seek robust means of age verification as well as making it easy for parents to block underage access. ACTION: Internet industry and providers of age restricted content, through UKCCIS.”

Elsewhere in the review a “reasonable timeframe” is defined as 18 months.

As Jane Turner recently noted in the Times newspaper: “..that computers and mobile phones might, as Bailey proposes, come with their porn filter switched to an “on” default is commendable not only because it will stop offensive imagery popping up unbidden, but more importantly because it is a statement of intent: a declaration that the internet is not an anarchic Wild West empire beyond governmental purview.”

The ISPs recognize the need to offer some protection, indeed many offer, or sell, PC based filters as parental control tools. While this is laudable, we would suggest that network level filters, turned on as standard, would provide another very powerful tool at the disposal of parents, as well as encouraging people to engage with the issue should they choose to turn the filter off.

Talk Talk has lead the way, recently launching their Home Safe service. However, it seems not many TalkTalk customers know about it yet, and it is not “on” by default. Perhaps this initiative, along with the Bailey Review recommendations, will encourage the other ISPs to follow suit.

No filter system will be perfect, but this would be another powerful tool within the Parental Control arsenal.

TalkTalk Launches Home Safe – Includes Pornography Filter

May 10, 2011

TalkTalk is the first major UK Internet Service Provider (ISP) to launch ISP side content filtering. Free to TalkTalk users, for the first time, this gives parents and account holders the ability to block some specific content before it enters the home in the first place. M0st people favour ISP level filters, a recent poll suggests, and this is a very welcome development.

Branded Home Safe, the free TalkTalk service provides three specific tools that helps parents manage internet access for the whole home at one source:

  1. Kids Safe:Currently switched off by default, when switched on there are several categories that can be individually blocked including:
    1. Dating
    2. Drugs Alcohol Tobacco
    3. File Sharing Sites
    4. Gambling
    5. Games
    6. Pornography
    7. Social Networking
    8. Suicide and Self-harm
    9. Weapons and Violence

    In addition, the user can enter the domains of up to 8 other specific websites they want blocked (not a lot, but a start).

  2. Homework Time: Currently switched off by default, this panel controls the time that Gaming and Social Networking sites can be accessed by the household. When turned on, the account holder can change the specified times to suit their needs, with an additional option to have these settings only applied on weekdays.
  3. Virus Alerts: Currently switched off by default, when switched on this setting blocks access to websites infected with viruses.

On the whole, this is an encouraging and welcome development, and makes TalkTalk the first major UK ISP to recognize the need for house-wide protection. Especially as traditional device-level (computer based) filters can not provide protection for the growing plethora of web-enabled devices.

We have not been able, as yet, to find out how the filtering system works, and neither can we obviously see options to report either sites that are being incorrectly blocked or suggest those that the filter is missing. These tools would also be very welcome.

As with any such technology, no doubt this one will be imperfect and have it’s problems. However, for the first time an account holder has an easy way to add a layer of protection to the whole house in one go. It therefore makes a very useful addition to other tools such as OpenDNS and computer filter / web-blocking programmes. And it is free to TalkTalk users.

As noted by TalkTalk in this  BBC report, these filters are not intended intended as a cure-all.  As a spokesman for the compnay said, “This is the most robust system that’s available but what it’s not is a substitute for good parenting.”

If you have any comments / experience or problems using the TalkTalk filters, then please post them. You never know, TalkTalk may be following.

Send Letter about Filtering to your ISP – Act Now!

May 4, 2011

If you agree that our Internet Service Providers (ISP’s) should provide filtering of pornography themselves as a tool to us to help us restrict access of this material by children within our own homes then let them know.  Nothing works better or faster than consumer pressure, especially if that consumer shows a willingness to move ISP should another introduce the filter first. Beneath the letter are the contact details for the various major ISPs.

Ed Vaizey, the minister for culture will be meeting with the ISPs again on the 18th May, and it would be great for these letters to arrive before that meeting. More about this can be found on Safermedia.

There are three simple things that you can do to help with this now:

  • Amend and print out the letter shown below and send it to your ISP (list if ISP addresses given beneath the letter). Email is good, but a sending a hard copy is better.
  • Send the same letter to your MP asking for their support as well.
  • Spread the word – Like the Facebook post about this, tell your friends, give copies of the letter to them etc.

The Letter:

Dear
URGENT NEED FOR AN ‘OPT IN’ ISP-LEVEL PORNOGRAPHY FILTER
As one of your customers, I would like to draw your attention to this absolutely vital issue. I am glad that you and many other ISPs will be attending a meeting with the Culture Minister, Ed Vaizey MP, in the House of Commons on 18 May regarding the introduction of ISP-level filters to block internet pornography. I believe this would be the best way for the industry to support parents and help us all ensure that children cannot access pornography. This is particularly urgent in view of the fact that technological convergence means it is now possible for internet pornography to be easily viewed on television.
I understand that research clearly indicates that viewing pornography leads to an acceptance of violent and unhealthy notions of sex and relationships, where the objectification of women and aggressive sexual behaviour are the norm.
This is why I strongly support the initiative, suggested by Claire Perry MP, to switch the default setting for internet pornography into our homes to ‘off’, so that it is an ‘opt-IN’ system. Please note:
This is not censorship, as an age verification system would allow over 18s to still be able to opt IN and have their supply of pornography restored on request. 
  • Only an opt-IN system (and not opt-OUT) will provide the safest level of protection that is so urgently needed (Opt-OUT would still put the onus on fallible users to take action to have the porn blocked).
  • This would be family-friendly and likely to attract more customers.
I urge you to support this ‘opt-in’ filter as robustly as possible at the meeting on 18 May, and also apply it to all your services and for all your customers without delay. It is so important to protect our children and young people that if this does not happen, I will change my broadband to an ISP that does implement an opt-in filter. Please let me know what you plan to do.
Yours sincerely,

Signature and Name:
My address:

The ISP Addresses

ISP anti-Pornography Fitlers: Easy to Break Them?

March 28, 2011

This is the second in a series of article looking at some of the common technical objections raised whenever people suggest the introduction of anti-pornography filters by all UK-based ISP’s which could then be switched off by the user if desired. The first article looked at the (lack of) impact on internet speeds by these proposed filters. Thanks are once again given to Leigh Porter, a Systems Architect who has worked at UK Broadband for several years who has kindly provided clarification and correction where it was needed.

ISP Level Filters can be Circumnavigated: The argument here is that any ISP level filter will be easily circumnavigated by various methods. These include (1) changing the port used by the computer, (2) using a proxy server, (3) use of SSH Tunnelling and VPN Tunnelling. While changing the port turns out to be irrelevant, the others are also weaknesses used to work around PC based filters as well. We will address these in turn.

1) Computer PortsChanging the port will not affect ISP level filters because the Deep Packet Inspection filters routinely used by ISPs analyze all web traffic regardless of the port being used.

In computer networking / web access, the Port is a bit of software that acts as a gate through which data is sent. For the internet they are used by various ‘Transport Layer’ protocols like TCIP (Transmission Control Protocol) and UDP (User Datagram Protocol) as outlined in this wkipedia article.

Ports are assigned a number, with some port numbers reserved by convention for particular services. Traditionally, Port 80 was reserved for use by the Hypertext Transfer Protocol (HTTP) used on the web. This is the meaning of ‘http’ seen at the beginning of all web page addresses or URLs.

The argument is that an ISP level filter can simply be bypassed by forcing the computer to use a different port to connect to the web, either by changing various settings on the computer or simply inserting the required port number after the website URL (e.g. sending the request to http://www.mysite.co.uk:4000 would force the use of port 4000 instead of port 80).

Port Changing no Longer Relevant: While that argument was true in the past, the universal use of DPI filters that analyze all traffic regardless of port means this argument is no longer relevant.

2) Proxy Server – The problems of proxy servers applies to the ISP-level anti-pornography filter as well as the PC based parental control. A proxy server acts as an intermediary, or middleman, for requests from, in this case, the home computer to their ISP. The argument is that it is easy to by-pass ISP-level filters by using a proxy.

Proxy servers are actually used by some PC based pornography filters. Here, the users traffic is passed first to the proxy server used by the PC filter company. This checks the request against a blacklist and then allows the data through if cleared. Incoming data is also cleared in a similar way, going through the company’s proxy. OpenDNS is a proxy server system with adjustable filtering built in. The user points traffic to the OpenDNS (proxy) servers that contain adjustable filtering systems.

Proxies are very useful for those in countries that try to restrict web access. An increasingly popular proxy is run by the non-profit Tor Project which passes the encrypted data through 3 different servers before sending it onto the final destination, providing greater anonymity. However, it is easy to see how, just as proxies play useful roles, they can also be used to by-pass filtering systems. Proxies are one way to work around firewalls, filters and parental controls. This is true of both PC base and proposed ISP-level anti-pornography filters.

Some people also use SSL proxy servers, though while encrypting data these tends to be significantly slower. Even then it would be possible to work out the IP addresses of filtered sites and then inspect the SSL encrypted traffic to those sites. Leigh Porter states the ISP would ‘act as a middleman for those sites when they are encrypted thereby decrypting the traffic’. He acknowledges that this would probably not be popular, would be more processor intensive and might slow things down a little, but it is possible to do and implement in a voluntary ISP-level filter system. This extra level of protection is not possible on PC based filters.

Combating the use of Proxies: For both PC based and ISP level filters there are two things that parents can do to reduce the risk of proxy server use. They can (a) set the administration settings to ensure that they are the only ones able to change the various settings required for a computer to use proxy settings (see this Blocking Proxy Servers tutorial) and (b) obtain a blacklist of proxy server URLs (also available from ShallaList) and ensure that access to these domains is blocked within the browsers.

Parents should note that it will also be necessary to prevent users from being able to install another browser which does not contain the list. It is possible to block domains globally for all browsers on Windows OS machines via the HOSTS file within Windows, also described here.

3) SSH Tunnelling and VPN Tunnelling: The more determined user may resort to SSH (Secure Shell) Tunnelling and VPN (Virtual Private Network) Tunnelling to circumvent filters. As explained in this Suite 101 article, this works by ‘one computer initiating an encrypted SSH connection to another. The remote computer has a proxy server installed. All web browser traffic is then configured to go through the encrypted SSH tunnel, thus bypassing all Internet filters.’

As the article suggests, the best way to prevent this is to ensure that all outbound traffic to the Internet other than HTTP (port 80) and HTTPS (port 443) on the computers through the admin settings within the Operating System. You then need to ensure that the other users are not able to change these settings. It is noted that blocking VPN and SSH may cause problems with legitimate services that use these connections. However, SSH servers are not common and most VPN services require credit card payments.

Conclusion: Changing the port will not affect ISP-level filters. Using proxy servers, SSH or VPN Tunnelling are issues that apply to both ISP-level and PC based filters. All require changes to the OS or Browser settings, which can be restricted through admin control levels.

Why ISP-level Anti-Porn Filters will not Slow Down the Web

February 24, 2011

Quite often the same arguments are used by opponents of the introduction of voluntary IP-level filters that would prevent most pornography from coming into the home. These can be divided into technological and ideological arguments. This is the first in a series of articles which will address the concerns, starting with some of the technological points often raised. They are written in consultation with Leigh Porter, a Systems Architect who has worked at UK Broadband for several years who has kindly provided clarification and correction where it was needed.

Network Level Filters will Slow Down the Internet: It is argued by some that ISP-level anti-porn filters would slow down the speed of the web. This may have been true a few years ago, but is not true today as (1) infrastructure and analysis algorithms have improved and (2) only a limited amount of data needs to be filtered.

ISPs routinely use Deep Packet Inspection of all web traffic and data transfer, passing the data through DPI filters. DPI is used, in the US, to comply with Calea requirements. It is also used globally, among other things, to help with network security, enforce service level agreements and preferentially allow normal web traffic through while restricting the bandwidth used by Peer to Peer (P2P) services such as BitTorrent.

Modern DPI filters handle up to 30Gb per second (Gbps)of traffic. A few years ago DPI filters could only cope with up to 10Gbps speeds and DPI filtering could have some impact on network speeds. However, with the introduction of faster filters and better filtering algorithms this is no longer the case. As stated by TechRepublic:

“What makes DPI all the more impressive is that the packet analysis happens in real time, with data stream throughput approaching 20-30 Gb. … With no loss of throughput, ISPs … insert these devices directly in their data streams, forcing all traffic to pass through the devices. Procera, Narus, and Ellacoya are front-runners in development of this technology, having placed equipment throughout the world”

Google already provides SeafeSearch options for Google Search, providing filtering services for all traffic that proceeds through its servers while performing search. Other search engines also provide similar services and there are no reports of such activities slowing down user experience.

In addition, not web traffic will need to be filtered. Pornographic websites must be hosted on a server. All servers have IP addresses, and the filtering would only need to be applied to traffic directed to those servers. Thus, while servers can hold hundreds of websites each, only a relatively small number of servers would need to be monitored.

Added to this is the fact that filtering will only be required for clients who have chosen to have the ISP-level filter turned on. One last point is that the PC level filter, by the very way it works, directing traffic to a proxy that checks a list and then releases the request, is likely to be slower than the ISP-level filter.

Conclusion: It can be confidently stated that ISP-Level filters will not slow down web traffic.

© Peter Watts 2011

Disturb us Lord – Prayer by Sir Francis Drake

February 9, 2011

Disturb us, Lord, when we are too well pleased with ourselves,
When our dreams have come true
Because we have dreamed too little,
When we arrived safely
Because we sailed too close to the shore.

Disturb us, Lord, when
With the abundance of things we possess
We have lost our thirst
For the waters of life;
Having fallen in love with life,
We have ceased to dream of eternity
And in our efforts to build a new earth,
We have allowed our vision
Of the new Heaven to dim.

Disturb us, Lord, to dare more boldly,
To venture on wider seas
Where storms will show your mastery;
Where losing sight of land,
We shall find the stars.
We ask You to push back
The horizons of our hopes;
And to push into the future
In strength, courage, hope, and love.

Most People in Favour of ISP Anti-Pornography Filters says Poll

February 8, 2011

A recent poll showed that 69% of respondents who expressed an opinion would choose to use a voluntary filter to block pornographic content were such a filter available from their internet service provider.

Carried out by YouGov Plc and funded by TalkTalk on behalf of Safermedia, Claire Perry MP and others, the poll clearly shows that there is a demand for such filters to be made available. The figures are weighted and are representative of all GB adults aged 18.

83% of the people said they thought that seeing pornographic content on the internet was either very, or fairly, damaging to children. 73% thought that the easy availability of extreme pornography on the internet is damaging to society. This indicates that concern about the issue spreads far beyond the concern for children alone.

Probably not surprisingly, women are more likely to use an ISP-level filter than men (77% versus 37%). However, the number of men in favour increases dramatically with age, being lowest in the 18-24 year old group.

This means that nearly 80% of all households in the UK contain at least one member who would be in favour of using ISP-level filters.

Overall, the survey showed that there is concern about the accessibility of pornography on the internet and the impact it has on society. The uptake of ISP-level filters, were they available, would also be quite high.

The benefits to households of these filters are numerous. They would protect the entire household in one go, avoiding the need to manage each individual computer. They would also provide protection for other web-enabled devices (such as TVs and games consoles) which can not currently be monitored by other filters currently available. These filters would also reduce the number of malware attacks from pornographic websites, and increase online security.

The question, then, is whether the ISP industry will respond favourably to these findings or continue to bury it’s collective head in the sand. At least one ISP, TalkTalk, seems to be taking this seriously. They would currently appear to be the most Family Friendly and Family Safe major ISP on the market today.

Follow the developments on FaceBook: Family Safe ISP

All figures, unless otherwise stated, are from YouGov Plc.  Total sample size was 2,051 adults. Fieldwork was undertaken between 2nd – 3rd February 2011.  The survey was carried out online. The figures have been weighted and are representative of all GB adults (aged 18+).

Article © Peter Watts 2011


Follow

Get every new post delivered to your Inbox.