Parental filters are not a substitute for parenting or parental responsibility.
Most 'children' are more than capable of bypassing ISP or DNS filters by using proxy sites, the details of which are passed around and used in schools. If you want to devolve your responsibilities to a third party, look at device level filtering / monitoring - depending on the device https://account.microsoft.com/family/about may be of use.

No one said anything about it being a substitute. What are you trying to imply exactly?

In reply to a post by Shah1989:

Hi hyperoptic, i have contacted support only to be told you dont filter.

Hyperoptic don't filter, why should they? They provide internet access to the whole internet not selected bits of it.

If you want filtering, you should install it yourself. As far as I can see you have already been advised on how to do this.

It should come as a feature. Why don't you do it for me

In reply to a post by Shah1989:

It should come as a feature.

Why should it?

One of the best ISPs in terms of the broadband itself, AAISP, makes the rejection of any filtering a feature.

As has been pointed out to you, most schoolchildren can get round the mainstream provider parental controls with ease. Quite apart from what they can get on their mobiles. You need to educate them on the fact that porn is nothing like real life relationships and not the place to learn how to behave to others of any gender.

If you also want filtering, then engineer a solution yourself as described by the hyperoptic rep, or using one of the many add-ons. Some people also use a router with guest wifi, put restrictions on that and give that wifi login to their children to use rather than their main one.

How do you prevent them accessing porn at friends' houses?

Edited by RobertoS (Fri 02-Dec-16 09:43:33)

It's very difficult to do this without using more advanced hardware.

On my own setup, I can (and do) catch ALL DNS requests made on my LAN, and either FORCE them to resolve locally (on a dnsmasq instance) or FORCE the packets onto alternative name servers (OpenDNS). The point here is that port 53 is caught and dealt with. I can configure my system so even if you try and use alternative name servers, it can still route you onto OpenDNS (or somewhere else, of my choosing).

So that's one point that kids would not be able to get around.

The second issue is proxies. Now the only way round that is a proxy on port 80 and 443, again, forcing all such traffic destined for those ports through the proxy (even having it deal with SSL traffic, which I believe is possible on newer versions of squid) and then locking down ALL other ports. Proxy can be configured to block even more interesting URLs and sites, plus becomes a nice method for logging browsing activity.

Shove all this configuration onto a custom wireless SSID running on a confined VLAN, and you just about have something that would be child proof. Make sure you run managed switches, password protected, and lock them in a cupboard so children can't just plug directly into the network on a spare ethernet port, and unplug cables to use ports on those switches that are actually configured.

This turns into a rabbit hole of issues that need addressed, and I doubt you are going to get any of this on a off-the-shelf consumer router. OpenDNS is a start, sure, but it can be easily circumvented if the setup allows it.

SurfControl did it. (Much to my regret I turned down a being a director when it was set up. As you can see, I would now be a multi-millionaire ).

What has happened since that wiki was written I don't know.

Roughly speaking it was pre-wifi network connections and worked by having a specialised network card on a machine that accepted all internet requests on the Lan and sent out immediate cancellations if blacklisted. The final link on the wiki article seems to go to where it has now ended up absorbed. No doubt wifi is now covered.

Don't Norton and Kaspersky and no doubt their competitors do it as well? At a more domestic price level?

Edited by RobertoS (Fri 02-Dec-16 11:09:26)

I don't believe anyone should expect their ISP to censor/control their Internet connection - it may be an added feature, but if you need it then you'd have to make sure you're choosing the right ISP.

Another solution would possibly be too technical - something like a dedicated Sophos UTM box, set up to intercept and scan https as well as normal http. This doesn't really prevent unfiltered access through VPNs not proxies, so you'd need to lock down the PC/tablet/etc as well.

Honestly, as it's already been said, most kids nowadays will quickly find a way around most "protection" anyway.

Hello,

Unfortunately we don't have this feature available at the moment.

Kind regards,