SparkleBox?

**TechSupp** · 9th November 2009, 10:53 AM

Do we know why SparkleBox has become blocked on the YHgFL network? Its actually blocked as it does not give the weighted phrase block when its down to content its found. Getting it in the neck here as they all think its me as I try and control what they print due to cost restrictions i.e. we don't have the money!

**Little-Miss** · 9th November 2009, 10:58 AM

I dont know why its sudden blocked at your end....but i have heard a rumour why other LA's have blocked it...

**mwalpole** · 9th November 2009, 01:40 PM

Hi,

Sorry it has taken me a while to reply to this, but this is the reason we have blocked sparklebox.

We became aware on Monday of a site that is causing concern to other grids around the country – SparkleBox. I took the decision to add this to the blocked list on Monday because of the issues which have been brought to my attention. It appears that there are three key issues with the site:
1. The site is operating illegally in that the company operating the site has no registration with the Data Protection Registrar
2. The site signposts users to an un-trusted social networking site
3. The site offers the download of a toolbox with an unknown 'payload' – for example, the download could be collecting browsing history or initiate an internal attack on school systems immediately, or at some unknown future time.

We are currently investigating the toolbox in detail to see whether we can identify the exact nature of the threat, but there is a difficulty with anything like this in identifying what is buried in the code.

We feel that this threat needs to be taken seriously – and we do so not only with this website, but with any others that we have justifiable concerns about. Clearly, this website has a number of users in the region and I feel that this is an opportunity to re-state our position on threats such as these.

Clearly, teachers can still access the site by using the elevated logon, but we do think that any teachers who are tempted to do so should be made aware of the issues regarding its use – the installation of any ‘toolkit’ or browser toolbar carries a risk and may be a breach of existing acceptable use policies.

It may be an opportunity to point out to schools the existence of our ‘Guidance for creating a school eSafety policy’ and ‘End user AUP guidance’ which are available from Policies / Schools / eSafety / YHGfL - YHGfL. We are also in the process of reviewing our local authority AUP with the Network and eLearning Groups and should be making detailed proposals to CAB in December.

**ayoward** · 10th November 2009, 09:36 AM

Originally Posted by mwalpole

Hi,

Sorry it has taken me a while to reply to this, but this is the reason we have blocked sparklebox.

We became aware on Monday of a site that is causing concern to other grids around the country – SparkleBox. I took the decision to add this to the blocked list on Monday because of the issues which have been brought to my attention. It appears that there are three key issues with the site:
1. The site is operating illegally in that the company operating the site has no registration with the Data Protection Registrar
2. The site signposts users to an un-trusted social networking site
3. The site offers the download of a toolbox with an unknown 'payload' – for example, the download could be collecting browsing history or initiate an internal attack on school systems immediately, or at some unknown future time.

We are currently investigating the toolbox in detail to see whether we can identify the exact nature of the threat, but there is a difficulty with anything like this in identifying what is buried in the code.

We feel that this threat needs to be taken seriously – and we do so not only with this website, but with any others that we have justifiable concerns about. Clearly, this website has a number of users in the region and I feel that this is an opportunity to re-state our position on threats such as these.

Clearly, teachers can still access the site by using the elevated logon, but we do think that any teachers who are tempted to do so should be made aware of the issues regarding its use – the installation of any ‘toolkit’ or browser toolbar carries a risk and may be a breach of existing acceptable use policies.

It may be an opportunity to point out to schools the existence of our ‘Guidance for creating a school eSafety policy’ and ‘End user AUP guidance’ which are available from Policies / Schools / eSafety / YHGfL - YHGfL. We are also in the process of reviewing our local authority AUP with the Network and eLearning Groups and should be making detailed proposals to CAB in December.

It should be pointed out that the I in this statement is our Chief Exec. Marc hasn't taken this decision himself.

Andrew

**L_Smith** · 10th November 2009, 09:39 AM

Will the BGFL be blocking it? It would be useful to know so i could inform everyone in advance.

**ayoward** · 10th November 2009, 10:22 AM

Originally Posted by L_Smith

Will the BGFL be blocking it? It would be useful to know so i could inform everyone in advance.

I honestly have no idea. I believe it was discussed at the NEN Regional Managers meeting, but I think it is up to individual grids to make their own decision.

Andrew

**Marci** · 10th November 2009, 11:44 AM

Heh - looks as tho SparkleBox aren't too thrilled about it: The SparkleBox Teacher Resources Blog: Dear SWGfL (again)

**leco** · 10th November 2009, 11:48 AM

Originally Posted by Marci

Heh - looks as tho SparkleBox aren't too thrilled about it: The SparkleBox Teacher Resources Blog: Dear SWGfL (again)

Would read it - but erm, as I'm at school, the site is blocked

**Marci** · 10th November 2009, 11:49 AM

S'not blocked on libproxy...

**leco** · 10th November 2009, 11:52 AM

Originally Posted by Marci

S'not blocked on libproxy...

Ok, Ok no need to gloat. I still haven't got round to getting anything other than primaryproxy.

**soveryapt** · 12th November 2009, 10:58 AM

Does anyone have any further information on the actual risks posed by SparkleBox? Is it the resources or just the toolbar / links from the site that are a risk?

Looking into it for my school (in LancsNGFL) which currently isn't blocked, but with risks being identified the head has requested I block it internally on our NED whilst we find out further information, and as I'm not the most popular person for doing so ....

Thanks

**leco** · 12th November 2009, 12:13 PM

In school I have had, from the LA, the information provided by YHGfL, which I'd read in here first. The head is in the process of requesting unfiltered access for specific uses - one of which I suspect will be Sparklebox.

**mwalpole** · 12th November 2009, 12:19 PM

I have read these posts on here, and asked our managers here.

At the present, the only reason Sparklebox is blocked is because of those listed in our Chief executives email that I copied into this thread.

The unfiltered access takes the form of a username and password to use on login.yhgfl.net. It allows totally unfiltered internet access to any website, as you would have at home.

**lionsl2005** · 12th November 2009, 12:34 PM

ITS blocked in LGFL as well. we received the same email as YHGFL posted here.

**mpe** · 12th November 2009, 12:49 PM

Originally Posted by leco

In school I have had, from the LA, the information provided by YHGfL, which I'd read in here first. The head is in the process of requesting unfiltered access for specific uses - one of which I suspect will be Sparklebox.

Should they be able to do this considering that the first issue identified involves the operators breaking the law.

LinkBack

Thread Tools

Search Thread

SparkleBox?

Similar Threads

Sparklebox Toolbar

Sparklebox Search Results

Sparklebox unkown zone

Sparklebox File Sizes

Thread Information

Users Browsing this Thread

Posting Permissions