Teapot Posted May 25, 2010 Posted May 25, 2010 Anybody notice the new https google search tool? Just go to the normal Google search site and append an "s" to the "http." Search results aren't filtered. At all. If someone tries hitting one of those links, then it's subject to all normal processing routines, but the link is available. Solutions? Not sure a good one exists yet. Can't block Google. Can't block https access to the google.com domain.
nile_c Posted May 25, 2010 Posted May 25, 2010 There's another thread discussing this somewhere over here: http://www.edugeek.net/forums/news/56228-google-offer-encrypted-search-week.html As far as filtering goes, SmoothWall has HTTPS interception and when enabled but this should mean "secure" Google is treated the same as "regular Google. We're yet to give any best practice advice for those without the HTTPS option but you folks are sure to hear it here first ;-)
Teapot Posted May 25, 2010 Author Posted May 25, 2010 That's not bad news at all. I'm already using DansGuardian and am quite pleased with it, so I'm not averse to taking a look at SmoothWall.
johnsw16 Posted June 8, 2010 Posted June 8, 2010 E2BN Protex are investigating this at the moment with our LA members - we have a proposed solution to the issue which (currently) only really affects those schools that use various other Google services which require authentication. We will be implementing this over the weekend. If you are in our region more information will be coming out shortly. 1
GrumbleDook Posted June 8, 2010 Posted June 8, 2010 E2BN Protex are investigating this at the moment with our LA members - we have a proposed solution to the issue which (currently) only really affects those schools that use various other Google services which require authentication. We will be implementing this over the weekend. If you are in our region more information will be coming out shortly. Thanks for the update John. Also, just to let others know, the various RBCs are working on this through the NEN and seeing what can be done. Contacts have been passed around with those involved in things like the Google Teacher Academy so Google Apps for Edu is being taken into consideration by E2BN and other RBCs.
tom_newton Posted June 9, 2010 Posted June 9, 2010 Interestingly, separating live@edu from hotmail without interception seems possible, whereas separating google(mail|dox|etc) from secure search looks to require HTTPS interception.
nile_c Posted June 15, 2010 Posted June 15, 2010 As promised, we've put out a paper, and you guys are first to read it! See: http://www.edugeek.net/forums/internet-related-filtering-firewall/58036-smoothwall-googlessl.html It's a general document, so if you need the nuts'n'bolts of "what to do" with your Smoothie our support team are 100% au fait with all this. Alternatively me, @tom_newton: or @rob_f: are around :-)
AngryTechnician Posted June 18, 2010 Posted June 18, 2010 This from Google earlier this week (seen in safetynet): Official Google Enterprise Blog: An update on encrypted web search in schools Monday, June 14, 2010 at 8:59 AM We recently launched a beta version of encrypted (SSL) search at https://www.google.com to prevent people from intercepting our users’ search terms and results. However, because encrypted search creates an obscured channel between a user’s computer and Google, users who go to https://www.google.com can bypass some schools’ content filters. This can make it hard for schools to stop students from accessing adult content. One option is for schools to use our SafeSearch lock feature, which is designed to help keep adult content out of our search results. But given how many computers some institutions have this is proving impractical in many cases. So to prevent students from bypassing their filters, some schools are blocking encrypted search. However, a side effect of this action is that it also blocks other services hosted at Google’s secure URL, including Google Apps for Education, and many of our other services which require authentication to keep information safe. We’re working hard to address this issue as quickly as possible and in a few weeks we will move encrypted search to a new hostname – so schools can limit access to SSL search without disrupting other Google services, like Google Apps for Education. Longer term, we are exploring other options like moving authentication to its own hostname so that we can return encrypted search to https://www.google.com. Safety and security matter to Google, and we are committed to working with our partners in education so that we help keep students safe and secure on the Internet. Posted by Dave Girouard, President, Google Enterprise (My emphasis.)
nile_c Posted June 18, 2010 Posted June 18, 2010 Well that will certainly make life easier for those without HTTPS interception. I'm (personally) still amazed that they did this, given all the fuss that occurred when Bing was released. * Back then, Microsoft was seen to have failed in its duty to maintain the status quo set by Google and others. Fast forward to now and Google have failed to maintain their own status quo, consequently breaking many filters. Then again, the "status quo" is something you ought not cling to on the internet. That's why we're here ;-) Keep it safe folks... * backstory: Bing Community
CyberNerd Posted July 5, 2010 Posted July 5, 2010 this is fixed now: Official Google Enterprise Blog: An update on encrypted web search in schools Less than two weeks ago, we announced here that we would be moving our encrypted search service to a new hostname in order to better serve our school partners and their users. Today, we moved encrypted search from https://www.google.com to https://encrypted.google.com. The site functions in the same way. However, if school network administrators decide to block encrypted searches on https://encrypted.google.com, the blocking will no longer affect Google authenticated services like Google Apps for Education. We are continuing to explore longer-term options such that we could return encrypted search to https://www.google.com without introducing issues with school content filters. -----
henselkp2001 Posted August 4, 2012 Posted August 4, 2012 I got nosslsearch implemented in the urlregex file by adding the line "^https://www(.google.com.*$)"->"https://nosslsearch\1" and blocking encrypted.google.com Worked great on my Comsifter 8-DPro (dansguardian) filter. Karl
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now