NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Blocking HTTPS sites, truth vs lies.
Let me be clear and say that my knowledge is limited, no one knows everything about computers. I am fairly new, I have only been programming since the 1980's. Yes, I did look and yes, I see that the same issue has been brought up many times. I also keep seeing the same lame excuse that, quite frankly seams like a lie. I am going to call BS on this, ask the question again, and see if we can't get somewhere with it. The lie: "HTTPS pages are encrypted and the router can't see the content, hence, it can't block access to HTTPS pages." This same excuse keeps being used. This tired statement starts out true, about being encrypted and not seeing page content. It is also true that the ability to block the page, based on a scan of the page content, could not function. However; that claim fails to be true when it is used as an excuse for not blocking a domain name. The truth: The URL of an encrypted page is NOT encrypted or it couldn't be routed to its destination. Currently, there is no reason this router shouldn't be able to block HTTPS pages by applying the filter to the domain name. I understand that a URL mask can be applied server-side and HTTPS encryption used to hide the true destination. Yes, I know there are work-arounds for crafty programmers/hackers. That said, applying the filters to the known URL would allow a significantly effective block for many things. When we are looking at router level filters, we are not talking about national defense or stopping a truly determined expert hacker. Given a little opportunity, I doubt 1 out of 10,000 people would be able to keep a novice hacker out of their personal computer. That said, it would be most helpful to many of us if Netgear would simply apply the filters, we have already input, to the URL and stop the average person from simply typing https://facebook.com and getting what they want when we told you to block facebook.com. Ok so the next suggestion at this point might be to use the Genie app with the parental controls. That simply isn't an option. For reasons I will rant about in a future post, the Genie app is itself a security breach and not viable in its current design. So, no more lies please, even if you can't filter HTTPS pages by content scan, at least implement the filters on the URL so we can effectively block most of the things we don't want getting through. I do feel strongly about this and will not apologize for my tone. I am not a networking expert. If there is something I am missing, will someone PLEASE explain it to me because I have yet to read an explanation here that made any sence. Thank you for your consideration.
